Top 10 Missing FFIEC Cybersecurity Assessment Controls
The FFIEC Cybersecurity Assessment process is here to stay.
At a minimum, most regulators are requiring financial institutions to complete an assessment on an annual basis.
This process includes a review of an institution's Inherent Risk Level, identification of currently implemented controls to reduce risk, and a gap analysis to identify additional controls needed to reach the institution's desired risk appetite.
Over 1000 financial institutions have completed their Cybersecurity Assessment using our complementary assessment solution. SBS has analyzed the results and identified the top 10 most common controls not implemented by financial institutions. Some of these are baseline maturity level controls which financial institutions MUST complete regardless of their inherent risk score.
This session reviews these 10 controls, as well as practical solutions your institution can use to implement them. We will also discuss the next steps beyond the assessment to provide a comprehensive cybersecurity framework which institutions can repeatedly follow.
- Cybercrime overview
- FFIEC CAT process
- Improving your ISP
- Governing cyber
- Top 10 missing baseline controls
- What to expect next with regulatory guidance
Information Security Officer, IT Manager, Risk Officer, Internal Auditor, CIO, and Executives looking to understand the Cybersecurity Assessment process, common weaknesses in controls, and how to address them.
Chad Knutson is a Senior Information Security Consultant and serves as President of SBS CyberSecurity out of Madison, SD. SBS is a leader in information security consulting for the financial industry in the US. SBS works with more than 900 banks around the country on information security services such as the development of Information Security Programs, Policies, and Risk Assessments, along with performing IT Audits, Penetration Tests, Vulnerability Assessments and other security services. Chad is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) and Certified in Risk and Information Security Controls (CRISC), and received his Bachelor of Science in Computer Information Systems and his Master of Science in Information Assurance with an emphasis in Banking and Finance Security from Dakota State University. Chad has been with SBS since 2004 and has consulted with many financial institutions during this time.
Institute of Certified Bankers: Visit http://www.icbmembers.org/login.aspx for instructions regarding self-reporting. Estimated credits: 2.5 CE Credits
- Live Webinar which includes 5 Day On-Demand – $265
- Six Month On-Demand – $295
- Live plus Six Month On-Demand – $365
- CD-ROM (Includes Six Month On-Demand) – $345
- Premier (Includes all options) – $395
- Additional Locations – $75
Phone: Call Total Training Solutions at (800) 831-0678
Register online up to day of event. Earlier registration allows time to check your computer for an optimal experience.