Recently, the FFIEC announced the formation of a working group to further promote coordination across federal and state banking regulatory agencies on critical infrastructure and cybersecurity issues. Cybersecurity breaches are at an all-time high. More hackers are attacking networks than at any other time in our nation’s history. The Gramm-Leach-Bliley Act requires credit unions to design, document, and implement an information security program to fend off these attackers. In fact, eighteen months ago, the FFIEC issued guidance titled "Supplement to Authentication in an Internet Banking Environment" to further develop the documentation requirement of the information security program at credit unions. This important guidance reinforces the reality that credit unions must have a documented risk management framework and a documented layered information security program commensurate with identified risks.
This seminar will outline what credit unions should do to design and document an effective information security program. It will review the important regulation to ensure your credit unions can produce the necessary documentation for management, auditors, and examiners. Many credit unions struggle with efficient ways to document security policies, procedures, standards, and guidelines. This informative seminar will aid your credit unions in documenting an information security program that meets regulatory scrutiny, yet is maintainable even with limited resources.
- Blueprint for an information security program customized for credit unions
- Leveraging risk assessment and IT auditing to define and test your information security program
- Review minimum documentation set
  - Security policy, procedures, plans, and standards
  - Configuration standards
  - Construction of a network diagram
  - Meeting minutes
  - Security awareness documentation
- FFIEC IT handbooks to create information security program documentation
- FDIC officer’s questionnaire
- Information security documentation best practices
- Information security program documentation tool demonstration
- TAKE-AWAY TOOLKIT
  - Sample policy template
  - Minimum documentation checklist
  - Employee training log
  - Quiz you can administer to measure staff learning and a separate answer key
Attendance verification for CE credits provided upon request.
Who Should Attend?
This informative session is best suited for COOs, CEOs, chief risk officers, chief information officers, chief technology officers, information security officers, chief auditors, chief compliance officers, operations officers, board members, IT personnel, and anyone responsible for internal audits.
ABOUT THE PRESENTER – Dr. Kevin Streff, Secure Banking Solutions
Dr. Streff is the Director of the Center for Information Assurance at Dakota State, which has been recognized by the National Security Agency and the Department of Homeland Security as a national center of academic excellence in information assurance. Dr. Streff has extensive knowledge of the financial services industry, including banking, insurance, and credit operations, and speaks nationally on security issues and solutions relevant to small and medium-sized financial institutions. He is the founder and managing partner of Secure Banking Solutions, a security consulting firm focused on improving security in financial institutions across the country. Dr. Streff is also President of InfraGard - South Dakota, a partnership program between private industry and the U.S. government (represented by the FBI). He has testified to Congressional committees on behalf of small and medium-sized financial institutions regarding cybersecurity issues affecting their organizations.
|Over $75 million
|$25 - 75 million
|Under $25 million
Scholarships are available for all KCUA education events. Scholarships pay 100% of the registration fee for credit unions under $25M, 50% for credit unions between $25-$75M, and 25% for credit unions over $75M.