Webinars

Hacker Hour: The Rise of the vCISO
Date: Wednesday, April 28, 2021
Time: 2:00 PM - 3:00 PM CDT
Register: https://register.gotowebinar.com/register/7709702280854956301
Recording available.

The term vCISO (virtual chief information security officer) is a relatively new term being used in the cyber world, but the outsourcing solution itself is rather mature. The vCISO solution has been touted as an innovative way to help close the cybersecurity talent gap for organizations, but it's important to know that not all vCISO programs are created equal.

Join SBS as we discuss why the vCISO is on the rise and discover the pros and cons of considering this model for your organization in the future.

Most organizations rely on vendors that frequently develop and issue patches to correct bugs, improve performance, or enhance the security of their software. While organizations are looking to identify and protect against any identified vulnerabilities, cyber criminals are racing to exploit them before any patches are launched. 

According to the Ponemon Institute, 57% of cyber attack victims say an available patch could have prevented their breach. Even further, 34% of respondents were already aware of the vulnerability before they were attacked.  

Join SBS as we discuss the importance of patch management, what is holding organizations back from timely patching, and what you can do to help your organization improve its patch management program.

Join SBS as we walk through the process of conducting an internal penetration test and discuss some common findings and recommendations that can come from conducting such an activity.

The ability to respond quickly and effectively to a cyber incident can determine the overall financial and reputational impact on your organization. An Incident Response Playbook is designed to provide a step-by-step walk-through for the most probable and impactful cyber threats and ensure certain steps of the Incident Response Plan are followed appropriately.

 Join SBS as we walk through the seven steps to creating an Incident Response Playbook tailored to your organization.

Recent cyberattacks have proven that the ability to assess cyber incident response readiness is becoming a core competency for all businesses. A well-executed assessment structure with a repeatable program not only allows organizations to identify and properly respond to different attacks but also dramatically increases the speed at which the business can react. The quicker a business can react, the lower the impact that event has.

Join SBS as we discuss what steps you can take today to start assessing your incident response readiness and strengthen your organization's ability to respond.

Request Password | View Webinar

To test the effectiveness of network security controls, many organizations turn to penetration testing. The scope of testing typically depends on the maturity and goals of the organization. Many organizations rely on simple penetration testing, however, more and more are considering red team and even purple team testing.

Join us as we define the differences in red team and purple team testing and discuss which might be best for your organization.

 

Just like the weather, it seems as if cyber criminals switch up their tactics with the change in seasons. The SBS Incident Response Team is seeing a string of specific business email compromise (BEC) attacks that everyone should be aware of.

Join SBS as we discuss the spooky techniques that hackers are using this season to compromise your networks. We will share simple fixes you can deploy to ensure that you are not haunted by a compromise.

Hacker Hour: Vendor Review Walk Through
We live in a world where nearly every business function can be outsourced to some type of service or cloud provider. Adopting a more proactive vendor management process is essential in enabling organizations to make better business and vendor related decisions. Although completing reviews and managing each vendor relationship can be a tedious task, if done properly an organization can see great benefits and are better positioned to deal with disruptions or cybersecurity issues.

Join SBS as we walk through the process of conducting a vendor review and discuss how organizations can structure their overall vendor management program.

An IT risk assessment is one of the most valuable tools any business, no matter the industry, can utilize to identify and understand risk to make better business decisions. Many organizations have little guidance on how to properly complete a risk assessment or do not see enough value to keep the risk assessment up to date. Join SBS as we walk through five simple steps to completing the IT risk assessment and discuss how organizations can understand the results to provide more business value.

Title: Hacker Hour: Wake Up the Team! Getting Your People to Pay Attention to Cybersecurity Training
Organizations are spending increasingly more time and resources on cybersecurity. Despite the additional focus and investment, creating a “Culture of Security” continues to be an organization’s greatest challenge. Our frustration builds when we push out more training and our people continue to get caught by phishing, scams, and hacks. Join SBS and special guest Honey Shelton, training expert, as we discuss what you can do to ensure your training efforts result in better security awareness and make your “Culture of Security” meaningful!

Hacker Hour: Common Questions About Business Continuity Planning
Description: A business continuity plan is a strategic collection of documents, procedures, and other information that prepares a business for interruptions that arise from unexpected events or situations. Join SBS as we address the most common questions/issues that arise when creating and maintaining a strong business continuity plan.

Hacker Hour: Remote Work Security Assessment
Description: Remote work has been a trend in the workforce for years, but the COVID-19 pandemic reignited the growth and adoption of remote workers.  Organizations around the globe implemented a variety of innovative solutions to continue to serve customers and allow employees to work from home.  Unfortunately, organizations had to react quickly and skip certain security steps to make sure the business was able to operate. 

Join SBS as we discuss the most common steps that were missed and how you can ensure that your business has a handle on the security of remote work.  We will cover risk assessment, policy/programs, remote access testing, and more.

The COVID-19 pandemic has caused abrupt changes in operations for organizations around the world. The result has been the implementation of a variety of innovative solutions to continue to serve customers and allow employees to work from home. Collaborate with SBS and your peers for an interactive round table discussion focused on sharing innovative ideas and ways of leveraging technology that has kept our businesses running in a mostly virtual world. 

Cyber insurance has become a common risk mitigation strategy to lessen the financial impact of a cyber incident. However, it's not until an incident happens that we really think about the type of coverage we carry and how it affects our ability to recover.  Join SBS and Dickinson Law as we discuss common questions and issues that arise during an incident as well as what information you should know about your policy to quickly take action. Additionally, we will review a couple of case studies that cover real-world scenarios that will arm your institution against the next incident.

Many organizations are implementing valuable internal phishing programs in order to ensure their employees can spot and report phishing emails.  At some point, organizations struggle with how to continue to challenge their employees and keep the phishing emails fresh.

Join SBS as we discuss tips and tricks to keep your internal phishing program fresh and continually push the maturity level of your security awareness program.

The “Gramm-Leach Bliley Act” (GLBA), also known as the Financial Services Modernization Act of 1999, mandates that financial institutions protect the confidentiality and security customer personally identifiable financial information.  Communicating to the Board of Directors what was truly accomplished during the past year in an annual state-of-information-security report allows them to understand and approve how the organization is complying with GLBA. Creating a repeatable, specific GLBA report template will improve the efficiency of the reporting process and relieve some of the stress of aggregating all the data needed for a comprehensive report. 
 

Join SBS as we outline a comprehensive and repeatable template that can be used to build your own annual GLBA report. We will walk through the essential report components and troubleshoot common issues.

The FSSCC has released a new cybersecurity framework called the “Cybersecurity Profile.” The Profile is a standards-based tool to help guide financial services institutions in developing and maintaining a cybersecurity risk management program.  The new framework option has people asking a lot of questions:

• How is it different than the Cybersecurity Assessment Tool?
• Will it be used by US regulators?
• Is it more efficient than the other frameworks on the market today?

Join SBS as we review the framework and provide answers to these and other common questions.

Regulators have made it clear that cybersecurity risk management and oversight is ultimately the responsibility of the Board of Directors. In theory, it makes sense for the board to be interested and engaged in what is going on in cybersecurity, however, that is not the case in some situations. 

For this Hacker Hour, we went straight to the source. We asked a selection of past Hacker Hour attendees to share the most common issues they struggle with when communicating cybersecurity needs to their Board. The responses fell into three main categories: 

• Frequency of FFIEC Cybersecurity Assessment completion and utilization of risk assessment data. 
• Information that should be provided to the Board on a consistent basis. 
• Tips for engaging and educating the Board. 

Join this month's Hacker Hour as we discuss how to boost cybersecurity from its hiding spot in the basement to a consistent topic in the boardroom.

Join IBC and SBS to see the new look of TRAC and discuss how it can simplify the risk assessment process for your bank.

Join NCBA and SBS to see the new look of TRAC and discuss how it can simplify the risk assessment process for your bank.

The SolarWinds incident highlights significant future risks. Undoubtedly the doors are now open for attacks of a similar nature. But where do you start? How do you incorporate the lessons learned from this attack? Which processes need to be reviewed? Which vendor relationships need to be scrutinized? With your questions in mind, we designed a 90-minute webinar in which we will guide you through a step-by-step action plan. Jumpstart the review and redesign of your Information Security Program and join us on January 7 at 1:00 PM CST!

As details continue to unfold regarding the supply chain attack of SolarWinds, SBS experts want to help you make sense of the issue, assist your efforts to protect your networks. and understand how it affects your vendor relationships.

Join MBA and SBS to see the new look of TRAC and discuss how it can simplify the risk assessment process for your bank.

Join IBA and SBS to see the new look of TRAC and discuss how it can simplify the risk assessment process for your bank.

Join us for this brief webinar to learn more about the SBS Institute and how you can help your institution prepare for cybercrime.

Join Iowa Bankers Association and SBS to see the new look of TRAC and discuss how it can simplify the risk assessment process for your bank.

Join SBS and other bank leaders on a short webinar to learn how virtual CISO services can support your business goals and enhance your security team, allowing you to take technology in stride in your race to success.

Recording available. How can you allow employees to work from home and be secure at the same time? This session will cover five security tips for working remotely.

Before you know it, the calendar will turn to 2020.  There's still time to get your cybersecurity training in this year or put it on the books for 2020.

Our upcoming webinar is a quick, no obligation way to learn more about our Certified Banking Security Manager course and the many benefits of certification to you and your institution. See why so many banking professionals rely on SBS Institute for their security training and education.