Information Security Officer (ISO) Education
Securing Your Bank's Future
Three Locations
Germantown, TN, March 9, 2017
Ridgeland, MS, April 11, 2017
Nashville, TN, May 17, 2017
9:00 AM - 4:00 PM each day
Has your bank provided formal continuing education for your designated Information Security Officer (ISO)? If not, expect this to be an issue in your next IT examination.
As noted in the recent updates to the FFIEC IT booklet on Information Security, "Management should designate at least one information security officer responsible for implementing and monitoring the information security program." Further, the guidance notes, "Information security officers should report directly to the board or senior management and have sufficient authority, stature within the organization, knowledge, background, training, and independence to perform their assigned tasks."
In addition, in several related regulatory issuances, including Section 501(b) of the Gramm-Leach-Bliley Act (GLBA), and in recent examinations, the FFIEC agencies are strongly encouraging banks to provide formal training and education for their designated Information Security Officers (ISOs) as part of the banks' information security programs.
Since the "Interagency Guidelines Establishing Information Security Standards" (501(b) guidelines) were established, the FFIEC agencies have applied enforcement options if financial institutions do not establish and maintain adequate information security programs. Expect this trend to continue for banks that are unprepared, especially with the examiners' new Information Technology Risk Examination (InTREx) Program, which places new emphasis on cybersecurity preparedness.
Join us for this entertaining, informative, bank-specific session that will provide your bank's Information Security Officer with the knowledge and confidence necessary to take on this important responsibility.
Session Highlights
1. Information Security Defined
2. The Importance of Board Oversight
3. Senior Management Responsibilities
4. The Role of the ISO
5. Legal and Regulatory Issues
6. Gramm-Leach-Bliley Act (GLBA) Compliance
7. Anatomy of the Information Security Program
8. Performing the Information Security Risk Assessment
9. Audit's Role in Testing Mitigating Controls
10. The ISO's Role in Enterprise Risk Management (ERM)
11. Developing and Delivering a Powerful Security Awareness Program
12. Understanding Current Security Threats
13. Security Best Practices
14. Security Monitoring
15. Incident Response
16. Customer Response Program
17. Information Disposal
18. Engaging an Effective IT Audit
19. Cybersecurity Issues
    a. FFIEC Cybersecurity Assessment Tool (CAT)
    b. Bank-specific Cybersecurity Risk Assessment
    c. Cybersecurity Assessment (in conjunction with IT Audit)
    d. Penetration Testing
    e. Vulnerability Scanning
    f. Social Engineering
20. Service Provider Oversight
21. Reporting to the Board of Directors or the Audit Committee
Who Should Attend?
This session will appeal to Information Security Officers (ISOs), chief risk officers, auditors, compliance officers, technology & operations management, chief financial officers, board members, and anyone else responsible for information security or cybersecurity preparedness.
Instructors
Over 32 years of experience in the financial services technology field.
Former community banker.
Nationally recognized speaker, author, and teacher for the banking industry.
Teaches the technology, payments, risk management and/or cybersecurity courses at six prestigious banking schools around the nation.
Author of IT Auditing for Financial Institutions (2002).
Co-Author of The Art of Enterprise Risk Management for Community Banks (2014).
Contributor to BankersOnline (BOL Guru).
Leads sessions on technology for the Sheshunoff CEO Affiliation Network and the Bank CEO Network.
Graduate of Christian Brothers University with a concentration in Information Technology Management and Telecommunications.

Over 16 years of experience providing IT consulting services and solutions focusing on financial institutions.
Adjunct faculty member at Christian Brothers University where he teaches Digital Forensics as part of the Cybersecurity and Digital Forensics degree program.
Certified Information Systems Security Professional (CISSP), GIAC Penetration Tester (GPEN), and Systems Security Certified Practitioner (SSCP).
Co-author of the SSCP Study Guide and Training System.
Specializes in cyber-security assessments including penetration testing, social engineering, vulnerability scanning, and data loss prevention (DLP).
Graduate of Christian Brothers University with a concentration in Information Technology Management and Telecommunications.

Over 16 years of banking experience including working in various departments of a multi-billion asset super community bank.
Graduate of the University of Southern Indiana with a Bachelor of Science in Computer Information Systems.
Graduate of the Paul W. Barret Jr., Graduate School of Banking.
Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Auditor (CISA), and a Certified Information Security Manager (CISM).
Specializes in risk management, IT Auditing, information security, business continuity, and Bank Secrecy Act Independent Testing.

Over 10 years of experience in the banking industry.
Former Senior Bank Examiner for State Banking Department (regulatory compliance, financial soundness, and risk management).
Former community bank COO where he also served as his bank's ISO.
Assists banks in IT Auditing and related risk management and information security issues.
Graduate of Arkansas State University with a B.S. in Finance.

Learn from four of the most experienced people in the industry. As consultants who are doing this work in client banks every week, your instructors can discuss practice, not just theory. Get expert interpretation, not just a reading of the regulations. Find out how information security incidents have been handled in banks across the nation and how you can protect your bank and mitigate information security risk effectively and affordably.
Venues
We are proud to partner with our friends at the Barret Graduate School of Banking (as CPE sponsor of the Germantown and Ridgeland events) and the Tennessee Bankers Association (hosting the Nashville event and serving as CPE sponsor) to present this continuing education that has been demanded by bankers and examiners. We hope you can attend one of these three events.
Ridgeway Country Club, 9800 Poplar Avenue, Germantown, TN 38139, (901) 853-2247
Embassy Suites Hotel, 200 Township Place, Ridgeland, MS 39157, (601) 607-7112
TBA Barrett Training Center, 211 Athens Way, Nashville, TN 37228, (615) 244-4871
Recommended Hotels for Germantown event:
Hampton Inn, 1280 W Poplar Ave, Collierville, TN
Marriott Courtyard, 4640 Merchants Park Cir, Collierville, TN
Residence Inn, 9314 Poplar Pike, Germantown, TN
Hyatt Place, 9161 Winchester Rd, Germantown, TN
Recommended Hotels for Ridgeland event:
Event will be held in the Embassy Suites Hotel, 200 Township Place, Ridgeland, MS. We have a block of rooms reserved.
Other hotels in the Ridgeland area:
Hilton Garden Inn, 320 New Mannsdale Rd, Madison, MS
Home2 Suites by Hilton, 526 Evergreen St, Ridgeland, MS
Recommended Hotels for Nashville event:
SpringHill Suites Marriott Nashville MetroCenter*, 250 Athens Way, Nashville, TN
Fairfield Inn & Suites*, 100 French Landing Dr, Nashville, TN
Hampton Inn & Suites Elliston Place, 2330 Elliston Place, Nashville, TN
Hampton Inn Vanderbilt, 1919 West End Avenue, Nashville, TN
*Closest to TBA Barrett Training Center
CPE and Certificate
Receive Continuing Professional Education (CPE) credits (6.5 hours) and a certificate of completion. CPE Sponsors will have CPE forms available at the events so proper credits are processed and received.
MEALS: Continental breakfast, lunch, and refreshment breaks provided.
REGISTRATION FEE:
See registration pages for each event below.
TO REGISTER:
Click on the link(s) below to register and pay online or contact Lorri Zanella at 901.643.5562 (voice or text) or lzanella@sawyersjacobs.com (for the Germantown and Ridgeland events).
Or, just simply reply to this email with a "Count Us In" and designate the venue.
Note: The Germantown (Memphis, TN) and Ridgeland events are presented by Sawyers & Jacobs LLC with the Barret Graduate School of Banking as the CPE sponsor; therefore, these events are restricted to bankers and examiners (state or federal) only. The Nashville event is presented in conjunction with the Tennessee Bankers Association.
Sawyers & Jacobs LLC
1085 Halle Park Circle
Collierville, Tennessee 38017
(901) 487-2575 Phone
(866) 488-4933 Fax