Held Wednesday, October 21, 2020 | 8:30 AM - 4:00 PM CT
Fee: $249 - Full day of learning!
This virtual conference is designed to provide interactive training on evolving cybersecurity threats and best practices for educating your people to ensure the security of the organization, customer information, and people. CyberRiskNOW: SAT Edition will cover the numerous groups that should receive security awareness training, the best areas to train on, and tactical training strategies.
Not only will this virtual conference include live video from our presenters, but you’ll be able to interact with other attendees and with event moderators through our Virtual Lobby in Discord, as well as share information, best-practices, and tools you’re using at your organization. An invitation to join our CyberRiskNOW Discord server will be sent to all attendees prior to the conference.
This event will also be recorded for later viewing in case you’re not able to attend live all-day or on the date.
8:30 AM: Event Lobby Opens
8:50 AM: Welcome & Housekeeping
9:00 AM: Best Practices for Training Your Employees
9:50 AM: 10 Minute Break
10:00 AM: Best Practices for Training Your IT/IS SMEs
10:50 AM: 10 Minute Break
11:00 AM: Best Practices for Training Your Customers
12:00 PM: 60 Minute Lunch Break
1:00 PM: Best Practices for Training Your Board and Executives
1:50 PM: 10 Minute Break
2:00 PM: Top Controls to Mitigate Risk, Including Cloud Security
2:50 PM: 10 Minute Break
3:00 PM: Guest ISO Panel Discussion + Q&A
3:30 PM: Event Concludes
4:00 PM: Event Lobby Closes
Hear from past event attendees!
"I love the format, it would be great even in "normal" times because of the flexibility and reduced travel time/cost that a remote conference can provide. This really has enduring benefits and is easier on the training budget." - Banker from Pennsylvania
"The contents were all relevant, easy to understand, and include great examples. All presenters were knowledgeable and have good presenting skills. Poll questions were good and a great way to interact with the audience." - Banker from Texas
"Lots of new information and a great review of known information. It also inspired thoughts and ideas that may not have been directly related to the topic at hand. The presentation topics and presenters were engaging and kept interest. The open communication with SBS staff in Discord and Q&A after each session was nice." - Banker from North Dakota
"Perfectly executed, excellent presenters and content." - Banker from Pennsylvania
CISSP, CISA, CRISC
Executive Vice President, IS Consulting
President, CISO, and Co-founder
Graduate Cyber Defense Student
CybHER Chief of Strategy
Best Practices for Training Your Employees - Katie Shuck
Your employees are your first line of defense against today’s modern cyber attacks, especially social engineering attempts. Your employees can either be the weakest security link, or they can be a strong front-line. How you engage your employees regarding security awareness training and education can make all the difference.
Gone are the days of asking your employees to watch one 60-minute video on phishing and expecting your employees to keep security at the top of their minds. Modern security awareness programs should focus on making cybersecurity a part of the daily routine of your employees, without running into cybersecurity overload. How do you accomplish such a feat? We’ve got some ideas.
This presentation will cover the following areas/topics:
Why does employee training fail?
Security awareness topics to discuss
Modern security awareness tactics and techniques
Building a culture of accountability
Technical controls to mitigate employee risk (just in case)
Best Practices for Training Your IT/IS SMEs - Chad Knutson
Now that we’ve talked about general employee security awareness training tactics and techniques, what should you do to keep your IT and information security professionals up-to-date on protecting everyone else, including your organization, employees, and customers?
Turning your operational staff into subject matter experts (SMEs) on cybersecurity isn’t a one-time ordeal, especially with as quickly as the cybersecurity landscape changes. What are some options to continually invest in your SMEs, so they can stay current and continue to provide effective risk mitigation to your organization?
Some of the key messages we'll discuss include:
Best Practices for Training Your Customers - Jon Waldman
You might be thinking, “Train our customer!? That’s not our responsibility!” But considering that today, many of our customers are a direct connection to your organization and your funds in numerous ways, having ongoing security discussions with your customers might be one of the most effective ways to prevent your organization from losing money or suffering a data breach.
While many organizations – especially those subject to regulatory guidance around IT/IS – have implemented solid cybersecurity controls, many of your customers (commercial or consumer) have not followed suit. For many organizations, a compromised customer represents a great deal of risk to your security. How might you have good security conversations with your customers?
This presentation will cover the following areas/topics:
Best Practices for Training Your Directors and Executives - Chad Knutson
An organization with a strong cybersecurity posture has to have a strong cybersecurity culture. Culture eats strategy for breakfast, lunch, and dinner. However, to be effective, a strong cybersecurity culture MUST start at the top of the organization.
How can you help facilitate a strong cybersecurity culture? By training and educating the board and executive team about the most important aspects of cybersecurity and your organization. Additionally, you can give the top of the organization a framework for asking better cybersecurity questions and becoming a “credible challenge” to cybersecurity.
This session will cover the following areas/topics:
Understanding the role of the board/executive team in cybersecurity
A framework for asking better cybersecurity questions
Known risk exceptions
Director/executive cybersecurity training ideas
Building a culture of cybersecurity at the top
Top Controls to Mitigate Risk, Including Cloud Security - Jon Waldman
As organizations continue to shift operations, storage, and applications to the cloud, it’s important to note there are many pros and cons to cloud computing from a cybersecurity perspective. There are many operational efficiencies and benefits to gain from cloud computing, but as with anything new, cloud computing comes with additional risk. The good news is there’s always a way to mitigate the risk.
In this session, we’ll break down some of the best cybersecurity controls to implement for any size and shape of organization, as well as the top cybersecurity controls for cloud computing. We’ll discuss:
Top 5 controls to mitigate risk from today’s top cyber threats
Cloud computing pros and cons
Cloud computing control considerations
Panel Discussion + Q&A (Guest CISO Presenters)
In CyberRiskNOW – SAT Edition, we’ve invited four (4) of the best information security professionals we know to share their stories and experiences with you, as well as answer any questions you have about the (C)ISO role.
Our guest panel includes:
- Jason Cathey – Bank OZK, Little Rock, AR;
- Tim Ringley – Bank of Marion, Marion, VA;
- Ginny Harshbarger – NebraskaLand National Bank, North Platte, NE;
- Kitrina Kanaris, Peoples Security Bank & Trust, Scranton, PA
Hacker Hour webinars are a series of free webinars hosted by SBS CyberSecurity. Unlike paid webinars, Hacker Hours are aimed to meet on a monthly basis to discuss cybersecurity issues and trends in an open format. Attendees are encouraged to join the conversation and get their questions answered. SBS will also offer products and services to help financial institutions with these specific issues.