New York Bankers Association

2017 Cybersecurity 2.0

Picture1Cybersecurity Leadership Seminar for Banking Professionals

Date: September 11-13, 2017
Location: Pioneer Bank Training Room, 652 Albany-Shaker Road, Albany

Brochure | Registration


Why This Course?

Cybersecurity is about protecting our institutions, customers and communities from those who seek to do us harm. Cyber-attacks have the potential to affect our national security, economic growth and consumer confidence. Every financial institution,  regardless of size or geographic location has a responsibility to enhance their cyber resilience and strengthen their security  posture.

The Cybersecurity Leadership Seminar for Banking Professionals will provide participants with the tools and knowledge required to enrich their existing information security program, champion cybersecurity and transform their institution.

Every participant will bring back to their institution ready to use cybersecurity templates, addendums, instructions and checklists including:

  • Cybersecurity BOD dashboard report template
  • Cybersecurity strategic plan template
  • Cybersecurity risk appetite statement template
  • Threat intelligence policy template
  • Information sharing policy template
  • Cybersecurity vendor due diligence checklist
  • Cybersecurity vendor contract addendum
  • Cybersecurity awareness program syllabus
  • Cyber incident response resources
  • Evidence handling instructions
Who Should Attend?

Designed for information security, risk management, audit, and technology professionals, this seminar is perfect for anyone who has been tasked with designing, managing, implementing, assessing, or auditing a Cybersecurity Program. IT experience is welcome but not necessary. No tech talk!

What Can I Expect?

Three full days of thought-provoking discussions, engaging individual and group exercises, research and professional development. Each day begins promptly at 8:30 am.

Course At A Glance

Part 1—Cybersecurity Management: Governance, Policy and Strategy, and Managing Risk

Topics include understanding the differences between information security and cybersecurity, complying with laws and regulations, maturity modeling, effectively using the FFIEC cybersecurity assessment tool, developing cybersecurity strategic plans, constructing risk appetite statements, building metrics and measures, and board reporting.

Part 2—Cybersecurity Partnerships: Third-Party Relationships and Training & Awareness Programs

Topics include diagramming cyber connections and boundaries, cybersecurity due diligence, what to expect  from SSAE 16 audit reports, evaluating penetration and
vulnerability test results, contracts and agreement best practices, creating a culture of cybersecurity awareness,delivering executive briefings, communicating with
customers, and community outreach.

Part 3—Cyber Incident Resilience Preparation, Response, Notification, and Recovery

Topics include the attack disruption, the maze of threat intelligence, information sharing, actionable analysis, notification guidance, insurance legal protocols, evidence handling, forensic best practices, and civic engagement.

Program Facilitator: Sari Greene

Picture2Sari is a cybersecurity practitioner, author, educator and board member.  She works closely with the security community, law enforcement, and victims of cybercrime. She is the  author of “Security Programs and Polices: Principles and Practices,” which has become a standard in undergraduate and graduate  programs worldwide. She was the expert witness in the groundbreaking ‘PATCO v. Ocean National Bank’ case. She serves on the Sage Data Security Board of Directors as well as the Bangor Savings Bank Board of Directors.