• Overview
  • Program
  • Sponsors

Thank you to everyone who attended our event.


The world is focused on the next phase of the pandemic, calling it "the new normal." We think it's going to be everything but normal.

Current risk frameworks may not be built to support the radical changes financial institutions are confronting. For example, remote work was the exception, but it has quickly become the norm.
The rapid digitization of products and services presents both business opportunities and new risks such as fraud. And the acceleration of timelines for adopting technologies like digital currencies and artificial intelligence presents novel security challenges.

Join our two-day virtual summit to stay at the forefront of these new technology trends and emerging paradigms so your firm can become a master of adaptation.

A mix of live and on-demand sessions covering relevant topics around:

  • Fraud
  • Governance, Risk Management and Compliance
  • Digital Currency
  • Advanced Technologies and Techniques 
  • Cloud/Virtual environments

*** Please note that FS-ISAC members can attend at no cost. 

testimonials

 

Program

14 October

11:00AM ET

Turning the Tables: A fireside chat with Nathaniel Popper, finance & technology correspondent for the New York Times

Nathaniel Popper, author of 'Digital Gold: Bitcoin and the Inside Story of the Misfits and Millionaires Trying to Reinvent Money'

Event Toggle Arrow

Known for his in-depth coverage of fintech, nathaniel_poppercryptocurrencies and online crime, Nathaniel Popper will sit with Teresa Walsh, FS-ISAC's Global Intelligence Officer, and share his views on the future of digital currencies and the implications for the global financial system, as well as his experiences dealing with dark web criminals and crypto kingpins around the world. This session will include a Q&A with attendees.

How Real-Time Collaboration During COVID-19 Saved the Day

Gavin Landless, VP Risk Management, Empower Federal Credit Union | Steven Wallstedt, Head of Information Security and Business Continuity, ABN AMRO Holdings USA LLC

Event Toggle Arrow

Within weeks of the global COVID-19 pandemic, financial institutions around the world had to move hundreds of thousands of employees outside the firewall of their offices. Faced with the unprecedented challenge of rapidly moving all operations remote, institutions dealt with significant security risks during the transition period. By using FS-ISAC’s Mattermost-powered chat app Connect, member companies were able to share information directly with each other and get quick answers to critical, time-sensitive questions. During this session, security leaders from member firms will share their experiences during COVID-19 and the importance of real-time communication channels during a crisis.

Join to learn:
• The benefits of real-time, peer-to-peer chat during a crisis
• What the response to COVID-19 looked like for small and large financial institutions
• How organizations can better prepare for black swan events in the future

The moderator for this panel is Corey Hulen, CTO of Mattermost.

 

F3EAD-ing Defenders Delicious Attackers

RiskIQ

Event Toggle Arrow

The F3EAD (find, fix, finish, exploit, analyze and disseminate) cycle is an alternative intelligence cycle used in military operations that typically result in lethal action, such as drone strikes and special forces operations. Some of the same principles can be applied to cyberdefense programs. This session will review how organizations can better understand the maturity of their cyberdefense teams using a maturity roadmap as well as how to train cyberdefense teams to be attackers themselves.

Best Practices for Managing Cyber Risk within the Supply Chain

BlueVoyant

Event Toggle Arrow

Financial services firms are frequent targets for cybercriminals because of valuable information contained in their databases. Today, as institutions outsource more functions, the risk of a cyber-attack breach increases even more. Third parties often do not protect data with the same vigilance as financial institutions. As the number and variety of vendors have increased, so, too, have the risks. The extended ecosystem is under threat. This session will review how to manage cyber-risks within the supply chain, providing attendees with best practices from industry peers that are successfully tackling supply-chain risk head-on.

Moving Fusion Forward: Using Cloud and Analytics to Stay Ahead

Booz Allen Hamilton

Event Toggle Arrow

Today’s attack surface is expanding. Workforces are dispersed. Having the ability to pivot and leverage the cloud through analytics provides a comprehensive view of your institution's fleet, regardless of where it runs, is critical. Fusion centers that are built on cloud-based analytics will define the industry standard for the next 10 years. Institutions that fail to meet this new fusion-center model will be left behind and seen as low-hanging fruit by sophisticated threat actors. This session will provide actionable recommendations around how to secure a fleet in a multi-content-security-policy world, by reviewing real-world examples of tactics for leveraging analytics in the cloud. Additionally, learn best practices for using artificial intelligence and machine learning to reduce alert fatigue. 

Data Science and Identity and Access Management

MassMutual

Event Toggle Arrow

Data science is fundamentally transforming cybersecurity, specifically, Identity and Access Management Programs. This transformation requires a shift in the way that security teams implement controls. In this session, attendees will learn how establishing behavioral models and continuously measuring them against user actions, anomalies can be detected and treated in real time, without human intervention. Resulting in a better user experience for the customer and better security at a cheaper cost.

15 October

10:00 AM ET

The Human Element. Connecting People with Technology

Shira Rubinoff, author of 'Cyber Minds' & cybersecurity executive

Event Toggle Arrow

41wNPvz27WLShira Rubinoff, an expert in the human factors of information technology and cybersecurity, will deliver an interactive session that explains how incorporating psychology and culture into cybersecurity strategies provides a competitive advantage in an everchanging world. Rubinoff will provide tips for developing tools and frameworks that can help companies navigate their cybersecurity journeys through post-pandemic reality.

To learn more about Shira, read her bio here.

Let’s Automate Brand Protection

JPMorgan Chase

Event Toggle Arrow
The number of phishing attacks increased dramatically in the second quarter of 2020 demonstrating a dire need for automated solutions to combat this attack vector. Financial institutions require a robust and timely system for detecting, triaging and mitigating the risk of these cyber threats. Presenters will share how they used SOAR and SIEM platforms to develop a workflow and allow for automated processing of suspicious indicators that can result in the rapid resolution of phishing.

First Millennials And Now Gen-Z ? How to Attract and Retain Top Talent

MassMutual & CVS Health

Event Toggle Arrow
Just like the threat landscape continues to evolve and change, so does the workforce. With a projected workforce shortage in the cybersecurity field of nearly 2 million by 2022, it is imperative to think creatively on how to recruit and retain top talent. Untapped potential exists with the Millennial and Gen-Z generation, however hiring managers may have unfounded assumptions this presentation seeks to debunk while also offering techniques to use to keep these individuals engaged, motivated and essential assets.

Wrangling Phish Kits and the Phishers Behind Them

American Express

Event Toggle Arrow
Phishing kits used by threat actors leave downloadable copies of the phishing kits on servers. The kits themselves contain several security holes that leave the captured PII open on the servers. Attendees will learn about phishing kits that allow for the recovery of stolen data as well as enabling other organizations to develop similar tooling developed from OSINT sources. Organizations can use recovered PII from the phishing kits to protect their customers from fraudulent activity and potentially identify the actors involved to share with law enforcement.

Increase Diversity and Decrease Racial Bias in Cyber Security: Trends and Techniques

Bank of America

Event Toggle Arrow

Today's cyber security threats require a diverse skill set to defend our institutions. More pressingly organizations need increased creativity and difference of thought to respond to these attacks. Numerous studies have shown the importance of diversity in experience to influence this creativity. Panelists in this discussion will focus on the current state of colorism (skin color bias) in technology. They will also discuss the efforts underway to address this as a community and as an individual firm. This includes an overview of opportunities to partner externally to increase diversity, as well as looking internally at policies for traditional technical language that is racially insensitive.

Speakers:
  • Betsy Brady, Global Business Information Security Officer, Bank of America
  • Laura Deaner, Chief Information Security Officer, S&P Global
  • Laura Jones, Director of Governance, Risk and Compliance, Hearst