WR Seminar: IT Security Incident and Forensic Preparedness

04/15/2013 - 04/15/2013

Newport Beach, CA

Stolen customer data, security breaches, and fraudulent or malicious employee activity all have two things in common: 1) The bank needs to be able to recognize, react, and respond in a timely and efficient manner, AND 2) The bank needs to be able to respond in a manner that follows industry standard procedures that are later repeatable and defensible as needed. This session will examine "Forensic Preparedness 101": what a community bank needs to have in place in order to be able to properly manage and mitigate the risks posed by these types of events. We will share case studies from our first-hand experience with network penetration assessments and hacker forensic investigations. Proper Forensic Preparedness includes documented policies and procedures, supported by configuration standards designed to manage controls and track activity across a variety of IT systems.

Learning Objectives:

  1. Participants will be able to describe critical elements of an incident and forensic response program that are often missing in a community bank.
  2. Participants will be able to describe the key attributes of a community bank that is prepared to react to and manage a breach of their IT systems or fraudulent insider mis-use.
  3. Participants will understand the key strategies required to properly react to and manage an incident and forensic response situation

Key Outcomes:

  1. Participants will leave with clear strategies for incident and forensic preparedness
  2. Participants will recognize strengths and weaknesses in their own banks ability to recognize, react and respond to security incidents
  3. Participants will leave with a strategy level "check list" designed to help start the process of defining their incident and forensic response program
  4. Participants will recognize which activities can be by internal bank staff resources, and which activities require the use of professionals with specialized expertise

Schedule

9:00-9:30 am Registration
9:30am-Noon Program
Noon-1:00 pm Lunch
1:00-4:30pm Program
4:30pm Adjourn

Who should attend: This is a management/strategy level session designed for IT management, IT system administrators, and internal audit or risk managers. Executives with responsibility for the banks IT organization will also benefit from this session.

Fees:
Members: $400
Nonmembers: $475

Location: 4685 MacArthur Court, 3rd Floor, Newport Beach, CA 92660

Hotel Information:

CIB has not secured a room block for this program. Should your travel plans require a room, please contact CIB directly at (800) 627-6613 or gocib@cib.org for a list of hotels within walking distance to the meeting location.