Note: As we are a Preferred Service Provider for the Indiana Bankers Association and because Dan Hadaway is the facilitator for this conference, we want to make sure that we assist the IBA in getting the word out about this conference!
IT Security has become a full-time job in addition to the usual bank security issues. With identity theft increasing & information system breaches happening almost daily, bankers need answers on how to deal with the ever-evolving challenges of information security.
Please join us as we explore the wiles of hackers & the schemes they use to attempt to defraud your bank & customers. Security experts will heighten your awareness of recent trends seen in the industry, as well as protective measures for information security. Industry experts will provide you with the tips and tools that will help you counteract security risks. Don’t miss the opportunity to network with other community bank IT officers while learning from industry experts.
Register today! Space is limited!
WEDNESDAY, OCTOBER 12, 2011
8:30 – 9:00 a.m. Registration & Continental Breakfast With Exhibitors
Welcome & Opening Remarks
9:00 – 9:45 a.m. Security Trends: From Esau to Warsaw—How IT Has Changed the World
Presenter: Jim Rechel, President, The Rechel Group, Inc.
About the program: Identity theft is the underlying component to the vast majority of fraud schemes across the globe, and incidents throughout the past year provide opportunities to analyze your Information Security Program and look for trends. Jim Rechel will lead us through a fast paced analysis of the significant fraud events of the year and what it means to you and the administration of your bank’s IT and Fraud Mitigation efforts.
9:45 – 10:30 a.m. Hack Attack Live: Zeus and Zitmo
Presenter: TBD
About the program: We’ve known for quite some time that there are applications out there that can be used to very easily design malware, Trojans, and viruses. But have we ever seen this software. A representative from the FBI’s Cyber Fusion Center will be showing us some of the more notorious applications.
10:45 – 11:45 a.m. The Myths of Information Security
Presenter: Dan Hadaway, Managing Partner – Infotex, inc.
About the program: We’ve all heard them, often offered as excuses for NOT following policy or best practice. We’ve tried to break through them, often with horror stories or internal testing. But they’re still there, our users still believe them, and we need some way of breaking through them! Dan will discuss the Myths of Information Security and, more importantly, offer methods to overcome them!
12:45 – 1:45 p.m. Why Bankers Should Embrace Social Technology & Strategies for Risk Management
Presenter: Eric Cook, MBA, Certified Internet Business Consultant – WSI Internet Consulting
About the program: It’s no secret that sites like Facebook, YouTube, Twitter and the like continue to gain in popularity with the general public. As customers become more engrained in this type of “social interaction,” our ability as bankers to effectively communicate with them (when they want, & where they want) becomes challenged if we don’t have strategy in place to use social technology (but ensure we are using it the “right way”). This session will begin by sharing examples from banking and other industries on effective “business cases” as to why a financial institution should be prepared to embrace this new online, social world. But, since we are talking about banking, we’ll also discuss ways to help plan, prepare and mitigate risk so that we keep the bank & our customers safe in the process. As a former 15-year community banker himself, Cook has a unique perspective of all sides of the “social engagement” process.
2:00 – 3:00 p.m. Communicating Information Security News and Incident Response Planning
Panelist: Bank Panel
About the program: Banker’s Panel Discussion: Let’s talk about how to communicate bad news to the various corners of the bank ranging from management team members to the board to the media. Then we’ll talk about how we have adjusted our Incident Response Plan over the years, what has worked and what hasn’t.
3:00 – 4:00 p.m. Patch Management: A Look at Why WSUS Just Isn’t Enough Anymore!
Presenters: Ben Fishbune, Technical Analyst and Aaron M. Scicluna, Vice President of Strategy, VerityThree
About the program: In the past, Microsoft’s Windows Server Update Services (WSUS) once deployed would keep an organization relatively secure and the examiners satisfied but has this changed? Can a proactive patch management solution really boost employee productivity and increase profits? ABSOLUTELY! The rise of malicious code, system connectivity, and regulatory compliance has placed a significant burden on the end user and their organization. An effective patch management solution is no longer an added value but is being recognized as a baseline for the effective delivery of technology resources to the organization. If not successfully deployed and delivered, banks will absorb a great risk of financial, data, productivity, compliance…and eventually business loss. This session is a review of high level strategies as well as a technical deep dive into the world of patch management as it relates specifically to security, compliance, and third party application challenges in today’s banking world.
4:15 – 5:15 p.m. FFIEC Online Authentication Guidance – What Will Your Risk Assessment Say About Your Institution’s Readiness for 2012?
Presenter: Lori Moore, CRCM, Director of Compliance, ATTUS
About the program: When the Federal Financial Institutions Examination Council (FFIEC) recently published its Supplement to Authentication in an Internet Banking Environment it prompted many questions. But one thing was abundantly clear; the first and best place for financial institutions to start their preparations for 2012, and to maintain the ongoing security of their electronic banking activities, is with their Risk Assessment. As the core of your institution’s security plan, it has the power to say you’ve got this situation under control or you don’t. What will your Risk Assessment say about your institution? In this session, we will look at the key elements of a successful program.
5:15 – 6:15 p.m. Cocktail Reception with Exhibitors
– Open Bar and Hors d’oeuvres
THURSDAY, OCTOBER 13, 2011
8:00 – 8:30 a.m. Breakfast with Exhibitors
8:30 – 9:30 a.m. Payment Fraud: Emerging Scams/Fraud Trends in Payment Processing
Presenter: Rayleen Pirnie, Director, Compliance & Fraud Department, EPCOR
About the program: From Account Hijacking & Database Breaches, to hacking check and card data, cyber crimes are infiltrating our society and ultimately rely on our payment systems to launder stolen gains. After a high level review of some of the more costly types of fraud today, we will examine promising bank-side monitoring and mitigation techniques to protect banks and their customers, i.e. transaction monitoring, account monitoring, ACH positive Pay; we will examine available client-side solutions – i.e. virtual sessions, whitelisting, hardened encryption, etc.
9:30 – 10:30 a.m. The New and Manageable Risk Assessment
Presenter: Don Smith, CISM, CRISC, Chief Audit Executive – The Mako Group
About the program: In today’s high speed business environment, opportunities can vanish and threats can materialize – overnight. To remain viable, financial institutions must be able to identify, assess and respond to a host of challenges in real time. Risk Management must become second nature as a way of thinking across the organization. But the term “Risk Management” conjures visions of unmanageable spreadsheet formulas with an equal number of pages. In this session, we’re going to take risk management to a manageable level & drill down within certain banking products to produce an easy to read and understandable deliverable.
10:45 a.m. – 12:00 p.m. Regulator Panel
Presenters: FDIC, FED, OCC, IDFI, ODFI (Invited)
About the program: Representatives for each of the federal functional regulatory agencies as well from the State Department of Banking have been invited to discuss the deficiencies they are seeing in banks, and what they would like to see banks focus in the next couple of years from a compliance perspective. This is a chance to see what the focal points of your next on site examination might be.
12:45 – 1:30 p.m. Creating Your IT Audit Plan
Presenter: Phil Diekhoff, Supervising Consultant, IT Risk Services – BKD, LLP
About the program: Does your IT Audit Planning sound something like this? “I’d like the #2 Audit Plan, super-sized, with a diet coke.” Shouldn’t there be something more to an Audit Plan then just keeping the examiners happy? Is it just possible that a properly developed IT Audit Plan could be beneficial to the Bank? In this session we will look at the relationship between IT and the Bank, gaze into the IT audit universe, and discover how the Risk Assessment sets the course for the IT Audit.
1:45 – 2:45 p.m. Leveraging Wireless Devices for Cost Savings and Customer Engagement
Presenter: Eric Cook, MBA, Certified Internet Business Consultant – WSI Internet Consulting
About the program: Using a case study and hands on example, this session will focus on particular strategies banks can use when implementing the use of new wireless devices. The case study will focus on banks in Michigan that has just begun using iPads in the bank for cost savings. The savings on paper alone will give an ROI in under a year. They are using the iPads for loan committee meetings and other paper-intensive meetings and have given each of their board members an iPad for meetings and personal use. The hands on example will show you how to use a mobile marketing system with SMS to communicate to the “mobile customer” beyond the traditional mobile banking application for balance inquiries and funds transfers. A live demo of setting up message system and audience participation will show just how easy (and immediate) this communication channel can be.
2:45 – 3:45 p.m. Being Smart About the Risks of Wireless Banking
Presenter: Dan Hadaway, Managing Partner – Infotex, inc.
About the program: Whether your bank is going to be an early adopter of Wireless Banking technologies or not, the time to learn about, understand, and plan to mitigate the risks associated with this giant paradigm shift is now! The learning curve for this new technology makes on-line banking seem easy. Not only will Dan teach us the basics of Wireless Banking, but he’ll also help us understand the top risks we face, and steer us in the right direction when it comes to mitigating those risks.
3:45 p.m. Adjourn
CONFERENCE NOTES
Exhibit Area
As an additional benefit for attendees, an exhibit room will feature companies showcasing products and services of interest to the IT Security Officer. All coffee breaks, continental breakfasts and the cocktail reception will take place in the Exhibit Room so you will have plenty of opportunity to visit with the vendors and become aware of a number of IT Security Tools that can be used to streamline your operations.
Who Should Attend
Staff responsible for IT planning, budgeting and compliance including: Compliance Officers, Security Officers, Audit and Operations Personnel as well as Senior VP of Operations.
Certificate of Completion
To demonstrate your commitment to having a strong IT Security Program, individual program attendees will receive a “Certificate of Completion” for attendance at this 2 day conference.
Cancellation Policy
Within three or more business days prior to the day of an educational program, no cancellation charge will be assessed. Within two days prior, 50% of fee is assessed. Refunds are not provided for cancellations or absences, which occur on the day of the program. Substitutions are welcome at any time.
Note: Confirmation letters will not be sent, however, you may call the Association Office to verify your registration.
DATE, LOCATION & HOTEL INFORMATION
The IT Security Conference is being held at the Hilton Indianapolis North Hotel on October 12 & 13, 2011. Room rates are $104 based on single/double occupancy. To make your room reservations, call (317) 849-6668 or 800-HILTONS. The cut-off date for reservations is September 23, 2011. Any reservation received after the cut-off date will be accepted on a space or rate available basis.
REGISTRATION FEES
Members of IBA & CBAO & CBM
$495.00 for the first attendee
$350.00 each additional attendee
Non-Members
$745.00 for the first attendee
$600.00 each additional attendee
Registration fees include handout materials, continental breakfast, lunch, refreshment breaks each day and cocktail reception.
FOR ADDITIONAL INFORMATION AND TO REGISTER, PLEASE FEEL FREE TO CONTACT:
Laurie Rees
Vice President, Education & Training
Indiana Bankers Association
Telephone: 317-387-9380
Fax: 317-387-9374
[email protected]
Detailed Event Information (Including Registration Details)
