Held Wednesday, October 21, 2020  | 8:30 AM - 4:00 PM CT
Fee: $249 - Full day of learning!
Recording available.
Register: https://attendee.gotowebinar.com/

This virtual conference is designed to provide interactive training on evolving cybersecurity threats and best practices for educating your people to ensure the security of the organization, customer information, and people. CyberRiskNOW: SAT Edition will cover the numerous groups that should receive security awareness training, the best areas to train on, and tactical training strategies. 

Not only will this virtual conference include live video from our presenters, but you’ll be able to interact with other attendees and with event moderators through our Virtual Lobby in Discord, as well as share information, best-practices, and tools you’re using at your organization. An invitation to join our CyberRiskNOW Discord server will be sent to all attendees prior to the conference. 

This event will also be recorded for later viewing in case you’re not able to attend live all-day or on the date. 

Agenda

8:30 AM: Event Lobby Opens 
8:50 AM: Welcome & Housekeeping 
9:00 AM: Best Practices for Training Your Employees 
9:50 AM: 10 Minute Break 
10:00 AM: Best Practices for Training Your IT/IS SMEs 
10:50 AM: 10 Minute Break 
11:00 AM: Best Practices for Training Your Customers 
12:00 PM: 60 Minute Lunch Break 
1:00 PM: Best Practices for Training Your Board and Executives 
1:50 PM: 10 Minute Break 
2:00 PM: Top Controls to Mitigate Risk, Including Cloud Security 
2:50 PM: 10 Minute Break 
3:00 PM: Guest ISO Panel Discussion + Q&A 
3:30 PM: Event Concludes 
4:00 PM: Event Lobby Closes 

Register: https://attendee.gotowebinar.com/

Hear from past event attendees!

"I love the format, it would be great even in "normal" times because of the flexibility and reduced travel time/cost that a remote conference can provide. This really has enduring benefits and is easier on the training budget." - Banker from Pennsylvania

"The contents were all relevant, easy to understand, and include great examples. All presenters were knowledgeable and have good presenting skills. Poll questions were good and a great way to interact with the audience.​" - Banker from Texas

"Lots of new information and a great review of known information. It also inspired thoughts and ideas that may not have been directly related to the topic at hand. The presentation topics and presenters were engaging and kept interest. The open communication with SBS staff in Discord and Q&A after each session was nice." - Banker from North Dakota

"Perfectly executed, excellent presenters and content." - Banker from Pennsylvania​

Speakers:

Jon Waldman CISA, CRISC	Chad Knutson CISSP, CISA, CRISC	Katie Shuck
Executive Vice President, IS Consulting and Co-founder SBS CyberSecurity President SBS Institute Read Bio	President, CISO, and Co-founder SBS CyberSecurity Read Bio	Cybersecurity Champion Graduate Cyber Defense Student CybHER Chief of Strategy

Session Descriptions:

Best Practices for Training Your Employees - Katie Shuck

Your employees are your first line of defense against today’s modern cyber attacks, especially social engineering attempts. Your employees can either be the weakest security link, or they can be a strong front-line. How you engage your employees regarding security awareness training and education can make all the difference. 

Gone are the days of asking your employees to watch one 60-minute video on phishing and expecting your employees to keep security at the top of their minds. Modern security awareness programs should focus on making cybersecurity a part of the daily routine of your employees, without running into cybersecurity overload. How do you accomplish such a feat? We’ve got some ideas. 

This presentation will cover the following areas/topics:  

• Why does employee training fail? 

• Security awareness topics to discuss 

• Modern security awareness tactics and techniques 

• Building a culture of accountability 

• Technical controls to mitigate employee risk (just in case) 

Best Practices for Training Your IT/IS SMEs - Chad Knutson

Now that we’ve talked about general employee security awareness training tactics and techniques, what should you do to keep your IT and information security professionals up-to-date on protecting everyone else, including your organization, employees, and customers? 

Turning your operational staff into subject matter experts (SMEs) on cybersecurity isn’t a one-time ordeal, especially with as quickly as the cybersecurity landscape changes. What are some options to continually invest in your SMEs, so they can stay current and continue to provide effective risk mitigation to your organization? 

Some of the key messages we'll discuss include: 

• Continuing Education 

• Webinars/Online Education 

• Conferences/Events 

• Certifications 

• Peer Groups/Mentors 

Best Practices for Training Your Customers - Jon Waldman

You might be thinking, “Train our customer!? That’s not our responsibility!” But considering that today, many of our customers are a direct connection to your organization and your funds in numerous ways, having ongoing security discussions with your customers might be one of the most effective ways to prevent your organization from losing money or suffering a data breach. 

While many organizations – especially those subject to regulatory guidance around IT/IS – have implemented solid cybersecurity controls, many of your customers (commercial or consumer) have not followed suit. For many organizations, a compromised customer represents a great deal of risk to your security. How might you have good security conversations with your customers? 

This presentation will cover the following areas/topics:  

• Top cybersecurity threats to your customers 

• Ideas for having good security conversations with your customers 

• Top 10 controls your customers should implement to mitigate risk 

Best Practices for Training Your Directors and Executives - Chad Knutson

An organization with a strong cybersecurity posture has to have a strong cybersecurity culture. Culture eats strategy for breakfast, lunch, and dinner. However, to be effective, a strong cybersecurity culture MUST start at the top of the organization.  

How can you help facilitate a strong cybersecurity culture? By training and educating the board and executive team about the most important aspects of cybersecurity and your organization. Additionally, you can give the top of the organization a framework for asking better cybersecurity questions and becoming a “credible challenge” to cybersecurity. 

This session will cover the following areas/topics: 

• Understanding the role of the board/executive team in cybersecurity 

• A framework for asking better cybersecurity questions 

• Known risk exceptions 

• Director/executive cybersecurity training ideas 

• Building a culture of cybersecurity at the top 

Top Controls to Mitigate Risk, Including Cloud Security - Jon Waldman

As organizations continue to shift operations, storage, and applications to the cloud, it’s important to note there are many pros and cons to cloud computing from a cybersecurity perspective. There are many operational efficiencies and benefits to gain from cloud computing, but as with anything new, cloud computing comes with additional risk. The good news is there’s always a way to mitigate the risk. 

In this session, we’ll break down some of the best cybersecurity controls to implement for any size and shape of organization, as well as the top cybersecurity controls for cloud computing. We’ll discuss: 

• The top cyber threats today 

• Top 5 controls to mitigate cyber risk for any organization 

• Top 5 controls to mitigate risk from today’s top cyber threats 

• Cloud computing pros and cons 

• Cloud computing control considerations 

Panel Discussion + Q&A (Guest CISO Presenters)

In CyberRiskNOW – SAT Edition, we’ve invited four (4) of the best information security professionals we know to share their stories and experiences with you, as well as answer any questions you have about the (C)ISO role.  

Our guest panel includes:

• Jason Cathey – Bank OZK, Little Rock, AR;
• Tim Ringley – Bank of Marion, Marion, VA;
• Ginny Harshbarger – NebraskaLand National Bank, North Platte, NE;
• Kitrina Kanaris, Peoples Security Bank & Trust, Scranton, PA