Cybersecurity continuity: 10 steps for compliance and cyber risk management

Introduction

Despite the fact that a majority of United States organizations have experienced a cyber-attack either directly or through a vendor, U.S. businesses do not consistently address cyber threats. This webinar will help: (1) you focus on what you can control to mitigate litigation and reputational risk; (2) your organization create a culture of cybersecurity continuity; and, (3) ensure everyone in your Institution understands the role s/he plays in protecting information, customers, assets, other employees, and your corporate mission.

Despite the fact that a majority of United States organizations have experienced a cyber-attack either directly or through a vendor, U.S. businesses do not consistently address cyber threats. This webinar will help: (1) you focus on what you can control to mitigate litigation and reputational risk; (2) your organization create a culture of cybersecurity continuity; and, (3) ensure everyone in your Institution understands the role s/he plays in protecting information, customers, assets, other employees, and your corporate mission.

Why should you attend?

More than four thousand ransomeware attacks have occurred every day since the beginning of 2016, and the risk of such attacks for your Institution continues to steeply rise. Despite the fact that a majority of United States organizations have experienced a cyber-attack either directly or through a vendor, regulators have not issued a set of cybersecurity minimum standards; therefore, U.S. businesses do not consistently address cyber threats.

This webinar will help you focus on what you can control to mitigate litigation and reputational risk, which is to have and maintain a commercially reasonable IT infrastructure that is suitable and appropriate for your Institution’s risk profile. Discover how your organization can create a culture of cybersecurity continuity, which is achieved when a business’s people, process, and technology are aligned with secure execution of the business strategy.

Defining and communicating your Cyber Risk Management Regime is central to your Institution’s overall cybersecurity strategy, and all personnel must understand that they each have a role in protecting information, customers, assets, other employees, and your corporate mission. A 10-Step Checklist will be used throughout the session to help you learn how to design, implement, and monitor an efficient Cybersecurity Program.

When designing, implementing, and monitoring your Cybersecurity Policy, your Institution must be mindful of obligations under federal and state laws. We will therefore review proposed and enacted regulatory scrutiny at both levels of government, and all attendees will receive a 9-part complimentary Toolkit to help your Institution comply with these laws.

Learning Objectives

Prioritize Cyber Risk. Risks to Your Institution’s information and systems must be assessed with the same vigor as legal, regulatory, financial, and operation risks. Embed a Risk Management Regime across your Institution, supported by the Board and Executive Management

Existing Controls. Assess and document the controls and processes currently in place. Make note of the nature, sensitivity, and location of information your organization collects and/or stores, as well as existing databases, applications, and other assets

Written Cybersecurity Policy. Produce written security policies related to Network Protection, Malware Prevention, Secure Configuration of Systems, and Removable Media Controls. Establish relevant policies to comply with applicable laws and regulations

Incident Management. Create and test your written response and disaster recovery plans. Develop procedures for responding to actual or suspected cyber incidents (include a provision related to regulatory reporting)

Vendor Management. Conduct an assessment of cybersecurity measures employed by third-party providers. Determine whether vendor contracts address information and technology issues related to cybersecurity threats. If unauthorized access to sensitive information is of concern, your organization should consider purchasing cybersecurity insurance

Areas covered in the Webinar

Program Implementation & Monitoring. Continuously monitor all systems and networks. Analyse logs for unusual activity that could indicate an attack

Personnel Training. Effective implementation of your Cybersecurity strategy requires officer and employee training. Discuss identified cybersecurity threats, as well as preventative measures, and how to activate the response plan once an incident is detected. Routinely review the Cybersecurity Policy to ensure compliance

User Education & Awareness. Your organization should educate clients about measures they can take to reduce their accounts’ exposure to cybersecurity risks

Periodic Audit & Assessments. To prioritize existing cybersecurity vulnerabilities and mitigate internal and external cybersecurity threats, assess the impact a cybersecurity incident would have on your organization and review the effectiveness of your risk management structure

Program Maintenance. Your organization should continuously assess cybersecurity risks, and monitor and test your security controls to ensure your Cybersecurity Policy is tailored to the nature and scope of risks to your organization

Who Will Benefit?

Senior Leadership and Management, CTOs, CIOs, CFOs, CEOs, IT Officers and Staff, Risk Management Officers and Staff, Compliance Officers and Staff, Personnel Responsible for Third-Party Providers, Business Continuity Officers and Staff, and Human Resources Officers and Staff

Speaker : Carly Souther

Carly Souther is General Counsel and COO at Greg Souther Bank Webinars. She is a researcher for the International Center for Animal Law and Policy and an adjunct professor in the Master's of Animal Law and Society program at the Universitat Autonoma de Barcelona. Ms. Souther formerly served as Chief of U.S. Regulation at ECigIntelligence and was the Assistant General Counsel at Florida's Agency for Health Care Administration. She was a research fellow at the Center for Innovative Collaboration in Medicine and the Law of the Florida State University College of Medicine, and second-chair of the Juvenile Justice course at the Florida State University College of Law. Ms. Souther co-authored two chapters in environmental law textbooks, and has published on a wide range of issues in both legal and medical journals, including the Georgetown Journal on Poverty Law & Policy and the University of Iowa's Transnational Law & Contemporary Problems. She is co-founder, pro bono chair, and past president of Petagon International, Inc., and is a member of the Florida bar. She holds a Master's in Animal Law and Society from the Universitat Autonoma de Barcelona, a J.D. from the Florida State University College of Law, a B.A. in Political Science with a concentration in American Politics and a minor in Women & Gender Studies from Mercer University.

Time: 03:00 PM EST| 12:00 PM PST | Duration: 60 Minutes