Skip to main content

Webinars


Hacker Hours

Hacker Hour webinars are a series of free webinars hosted by SBS CyberSecurity. Unlike paid webinars, our free Hacker Hours aim to discuss banking issues and trends in an open format. Attendees are encouraged to join the conversation and get their questions answered. SBS will also offer products and services to help financial institutions with these specific issues.

Request Password


{Hacker Hour} Answering Common Questions About Vulnerability Assessments

{Hacker Hour} Answering Common Questions About Vulnerability Assessments

Date: Wednesday, April 24, 2019
Time: 2:00-3:00 PM CDT
Complimentary webinar series. 
Time not work for you? That's ok! All registrants will receive a recording of the webinar.


Description: Cybercriminals and software companies are in a race to the finish line - finding a vulnerability - with very different ideas of what winning the race means. Software companies are looking to cross the finish line first by identifying a vulnerability and releasing a patch to protect against an exploit. While the criminal is looking to "win" by exploiting any unpatched systems. As a result, we are seeing more organizations of all shapes and sizes looking to implement a more robust scanning program to identify any unpatched vulnerabilities and protect the integrity of their network.
 
Join SBS as we discuss the answers to your common vulnerability assessment questions and offer guidance on what you can do with your program.

 

Complete this form to register:

 

Trouble viewing the form? Register at https://attendee.gotowebinar.com/register/2239647309433797644.

{Special Request Hacker Hour} Understanding SOC2 Reviews Part 2

{Special Request Hacker Hour} Understanding SOC2 Reviews Part 2

Date: Wednesday, April 17, 2019
Time: 2:00-3:00 PM CDT
Complimentary webinar series. 
Time not work for you? That's ok! All registrants will receive a recording of the webinar.


Description: You asked for it.  You got it!  Join us as we host a second session on SOC 2 reporting.  We will take a deeper dive into the challenges of completing a SOC 2 review.

 

Complete this form to register:

Trouble viewing the form? Register at https://attendee.gotowebinar.com/register/3637371779437645581

{Hacker Hour} Develop a Better Understanding of SOC 2 Reporting

{Hacker Hour} Develop a Better Understanding of SOC 2 Reporting

Join us as we discuss the struggles that organizations have when dealing with SOC 2 reporting. We will review what a SOC 2 report entails, why they are important, tips on going through the review process, and how to read and document responses. Registrants will also receive a SOC 2 questionnaire.

{Hacker Hour} Business Email Compromise Investigations

{Hacker Hour} Business Email Compromise Investigations

Business email compromise (BEC) is a scam where an attacker sends an email that appears to be from an executive in an attempt to trick recipients into clicking a malicious link, sharing sensitive information, or even sending money directly to the attacker. The FBI recently warned that this type of attack has cost U.S. businesses more than $1.6 billion in losses over the past six years. In 2018 we saw BEC become one of the leading attack types, mainly because of how difficult it is to detect.

Join SBS as we discuss common BEC attacks, tips to tell your customers, and simple steps in an initial  BEC investigation.

{Hacker Hour} Key Components of Your Annual GLBA Report

Date: 2/6/19
{Hacker Hour} Key Components of Your Annual GLBA Report

The “Gramm-Leach Bliley Act” (GLBA), also known as the Financial Services Modernization Act of 1999, mandates that financial institutions protect the confidentiality and security customer personally identifiable financial information.  Communicating to the Board of Directors what was truly accomplished during the past year in an annual state-of-information-security report allows them to understand and approve how the organization is complying with GLBA. Creating a repeatable, specific GLBA report template will improve the efficiency of the reporting process and relieve some of the stress of aggregating all the data needed for a comprehensive report. 
 

Join SBS as we outline a comprehensive and repeatable template that can be used to build your own annual GLBA report. We will walk through the essential report components and troubleshoot common issues.

{Special Report Hacker Hour} FSSCC Releases New Cybersecurity Framework

{Special Report Hacker Hour} FSSCC Releases New Cybersecurity Framework

The FSSCC has released a new cybersecurity framework called the “Cybersecurity Profile.” The Profile is a standards-based tool to help guide financial services institutions in developing and maintaining a cybersecurity risk management program.  The new framework option has people asking a lot of questions:

  • How is it different than the Cybersecurity Assessment Tool?
  • Will it be used by US regulators?
  • Is it more efficient than the other frameworks on the market today?

Join SBS as we review the framework and provide answers to these and other common questions.

{Hacker Hour} Top Cybersecurity Trends to Watch in 2019

Date: 12/19/18
{Hacker Hour} Top Cybersecurity Trends to Watch in 2019

With the new year quickly approaching, it's time to start looking forward to what will be coming our way in the world of cybersecurity. Join SBS as we countdown the top cybersecurity trends to watch in 2019.

{Hacker Hour} True Cybersecurity Horror Stories

Date: 11/28/2018
{Hacker Hour} True Cybersecurity Horror Stories

While most horror stories are works of fiction designed to keep you up at night, the horror stories we will be sharing are real-life cybersecurity events with outcomes that will haunt your dreams if you aren't properly prepared. Join SBS, if you dare, as we wander deep into the dark and scary corners of cybersecurity, full of data loss, reputational damage, business closing, and financial devastation. We will share a variety of cybersecurity horror stories and what could have been done to prevent the unfortunate outcomes. 

{Hacker Hour} 2018 Security Awareness Round Table Discussion

{Hacker Hour} 2018 Security Awareness Round Table Discussion

We are bringing it back!  Last year, as part of our celebration of National Cybersecurity Awareness Month, SBS hosted a special Hacker Hour that featured a virtual security awareness round table.  We focused the discussion on building a stronger security culture in your organization. In the end, over 300 registrants shared ideas that we put into a free downloadable guide called "34 Unique Ideas to Create a Culture of Cybersecurity."

We would like to invite you to join us for this open discussion as we discover new security awareness ideas and techniques that are helping organizations create a stronger security culture.  An updated download documenting the 2018 ideas for creating a culture of cybersecurity will be shared following the webinar.

{Hacker Hour} Business Impact Analysis and Table Top Testing

Date: 9/26/18
{Hacker Hour} Business Impact Analysis and Table Top Testing

A Business Impact Analysis (BIA) is the first and most important step to creating an effective Business Continuity Plan, yet many organizations skip or skim through it. Join SBS as we examine the essential components of a simple, but powerful, BIA and discuss how your table top testing program can be used to verify that your BIA is sufficient.

{Hacker Hour} Preparing For Your Next IT Exam

Date: 8/29/18
{Hacker Hour} Preparing For Your Next IT Exam

The heavy adoption of the FFIEC CAT Tool, the release of the INTREX examination procedures, and the unrelenting focus on cybersecurity have caused financial institutions to be a little more anxious about their upcoming IT examinations. 

Fortunately, SBS works with institutions in nearly every state, so we have seen a very wide, but consistent, set of examination findings that your financial institution should know about.

Join this webinar as we discuss our experience and share some ideas of what you can do to better position your institution for a successful IT examination.

{Special Report Hacker Hour} Lessons From DEF CON 2018

Date: 8/23/2018
{Special Report Hacker Hour} Lessons From DEF CON 2018

Every year SBS send its finest to Las Vegas to the annual DEF CON convention, which is one of the oldest and largest hacker conventions around. These annual conferences feature presentations by leading ethical hackers, FBI, and NSA agents. Join this special edition hacker hour as we discuss what we experienced at 2018 DEF CON, and what could impact you in the near future.

Topics will include:
- Kids hacking voting machines
- Social engineering village
- New way of accessing online banking data using OFX 
- Bypassing two-factor authentication by hacking voicemail
- NSA warnings

{Hacker Hour} Creating a Data Flow Diagram

{Hacker Hour} Creating a Data Flow Diagram

According to our research, the development of a Data Flow Diagram (DFD) is one of the most commonly missed baseline statements in the FFIEC Cybersecurity Assessment Tool. Many organizations struggle to find the value in a DFD and have a hard time getting started.

Join SBS as we discuss the guidance around DFDs and walk through examples of how you can create a DFD for your organization - and get value from it.

NOTE: Unfortunately, we had technical difficulty with the video recording of the live Hacker Hour. A CyberByte video of the topic was recorded in its place.

{Hacker Hour} Getting Caught Up In The Dark Web

Date: 6/27/2018
{Hacker Hour} Getting Caught Up In The Dark Web

Research shows that 96% of the internet is not accessible by search engines like Google or Yahoo, and that number is growing at a much faster rate than the surface web. What does that mean for us? 

Join SBS as we get caught up with what is going on in the dark web. We will discuss how the dark web started, who uses it, and why everyone should be aware of what's lurking in it.

{Hacker Hour} Brushing Up On Corporate Account Takeover

Date: 5/30/2018
{Hacker Hour} Brushing Up On Corporate Account Takeover

It has been seven years since the term "Corporate Account Take Over" or CATO took the industry by surprise and challenged financial institutions to do more to help secure their small business customers. Is CATO still happening today? You bet it is. 

Join SBS as we review guidance centered on CATO and walk through recent types of CATO that are challenging financial institutions.

{Hacker Hour} Incident Response Round Table

{Hacker Hour} Incident Response Round Table

According to the latest Verizon Data Breach Report, there were over 53,000 security incidents and 2,200 registered data breaches in 2017, which is an increase of about 20% from the year prior.

The increased probability of your organization experiencing a cyber incident enhances the need to create and maintain an incident response plan that can detect, contain, and eliminate the issue, then fully recover business operations. All while minimizing the overall reputational and financial damage to the company.

Join SBS for this free webinar in which we will discuss best practices to write and test your incident response plan.  We will also walk through some common scenarios that should be considered in your plan.

{Hacker Hour} Taking Cybersecurity From the Basement to the Boardroom

{Hacker Hour} Taking Cybersecurity From the Basement to the Boardroom

Regulators have made it clear that cybersecurity risk management and oversight is ultimately the responsibility of the Board of Directors. In theory, it makes sense for the board to be interested and engaged in what is going on in cybersecurity, however, that is not the case in some situations. 

For this Hacker Hour, we went straight to the source. We asked a selection of past Hacker Hour attendees to share the most common issues they struggle with when communicating cybersecurity needs to their Board. The responses fell into three main categories: 

  • Frequency of FFIEC Cybersecurity Assessment completion and utilization of risk assessment data. 
  • Information that should be provided to the Board on a consistent basis. 
  • Tips for engaging and educating the Board. 

Join this month's Hacker Hour as we discuss how to boost cybersecurity from its hiding spot in the basement to a consistent topic in the boardroom.


Webinars

{GSB Webinar} GLBA Safeguards Rule Proposed Changes

Join us to review the proposed changes to the safeguard controls, scope of covered entities, how you can make comments on the proposed changes, and insight into the impacts on our banks, critical vendors, and business in our communities.

{TTS Webinar} Third Party and Fourth Party Management

Date: 5/22/19
In recent years, financial institutions have seen a significant amount of new guidance on third party risk management and new terms coined such as Fourth Party Management. We will explore best practices for Vendor Management, Third Party Risk Management, Fourth Party Management and Customer Risk Management.

{TTS Webinar} FFIEC Mobile Services Guidance Review

Date: 5/2/19
In addition to the guidance, we will explore applied risk management concepts for mobile banking solutions. Focus will include Mobile Risk Assessments, integration into Information Security Programs, Third Party Risk Management, and effective IT Auditing.

{GSB Webinar} Attacking the Human Element - Social Engineering

Date: 3/22/19
This discussion will highlight the advancements in cybercrime and social engineering that are targeting our people resources. Best practices will be discussed for processes necessary to improve the weakest links in our institutions.

{Webinar} FFIEC CAT vs InTREX

{Webinar} FFIEC CAT vs InTREX
In this presentation, we will review both FFIEC CAT and InTREx processes; best practices using each, comparison of their differences, and how to leverage them together.

{Webinar} FFIEC Cyber Compliance Update

{Webinar} FFIEC Cyber Compliance Update
A solid understanding of all the cybersecurity-related guidance released by FFIEC is key in ensuring all aspects of cybersecurity compliance are being addressed at your institution.

{Webinar} Vendor Management Process Improvements

{Webinar} Vendor Management Process Improvements
The FFIEC Cybersecurity Assessment guidance has introduced a new term for our risk management practice: External Dependency Management. We will explore this new term in our guidance and better understand the requirements provided.

{Webinar} Build a Better BCP

{Webinar} Build a Better BCP
This discussion demonstrates a practical approach to business continuity and disaster recovery that builds upon your IT risk assessment.

{Webinar} Information Security Program Frameworks

{Webinar} Information Security Program Frameworks
Your information security program can be more than a document created for compliance. We will help develop a program that provides your institution with clear direction and guidance that meets and exceeds regulatory expectations while addressing real-world risks.

{Webinar} Regulatory Pressure on Third Party Management

{Webinar} Regulatory Pressure on Third Party Management
FFIEC Cybersecurity Assessments Tool encourages financial institutions to expand questioning around third party risk management practices and suggests more rigorous oversight. This webinar will explore best practices for Vendor Management, Third Party Risk Management, and Customer Risk Management.

Demos

{Demo} Automate Your IT Risk Assessment

{Demo} Automate Your IT Risk Assessment
Demos are held on Thursday of each week. You can pick a date that works for you upon registering. Join this webinar to discover the power of TRAC and easily create your company's detailed IT risk assessment. Develop your inherent risk, residual risk, and future risk scores that help make sound business decisions.

{Demo} Automate Your Vendor Management Program

{Demo} Automate Your Vendor Management Program
Demos are held on Thursday of each week. You can pick a date that works for you upon registering. Join this webinar to discover the power of TRAC and how it centralizes and manages all of your vendor relationships. We will walk through the risk assessment and selection process, and discuss how TRAC can instantly improves your ability to manage vendors.

{Demo} KnowBe4: New School Security Awareness

{Demo} KnowBe4: New School Security Awareness
Demos are held on Wednesday of each week. You can pick a date that works for you upon registering. Join this webinar to view a demo of the software and learn how SBS can partner with you to create a stronger security awareness program.