Samantha Torrez, Software Specialist, Tandem
Alexandria Fontana, Software Specialist, Tandem
Assessing the risks facing your organization is the first step in keeping information safe. In this pre-conference seminar, join Tandem staff to learn how to get the most out of your risk assessment templates and what role each model of assessment plays in your overall information security program.
8:30AM - 10:00AM
Information Security Risk Assessments with Tandem
In this pre-conference session, we will discuss the importance of the Information Security Risk Assessment, inherent risk vs. residual risk, how your information security practices and critical locations impact the types of risk you face every day, and why each threat must have its own unique risk management plan.
10:15AM - 11:30AM
Internet Banking Risk Assessments with Tandem
In this pre-conference session, we will discuss how to manage your Internet Banking Risk Assessments with Tandem, including our response to recent changes in guidance, associating appropriate information assets with your internet banking risk assessments, and the tools and resources you can use to protect your clients and organization from the risks involved with internet banking.
12:30PM - 2:00PM
Information Asset Risk Assessments with Tandem
In this pre-conference session, we will discuss the two-step process for creating asset-based risk assessments in Tandem, how to determine adequate controls for your threats, how to rate those control strengths for Likelihood and Potential Damage, creating effective risk management plans, and integrations with Tandem Audit Management.
Russ Horn, President, CoNetrix
/ Tandem
Leticia Saiid, Chief of Staff,
CoNetrix / Tandem
Cybersecurity is a critical area for financial institutions today. We need strong ISO’s and IT experts managing the information security programs for our banks and credit unions. This pre-conference seminar is designed for beginners to financial institution information security. During the sessions, we will review and discuss foundational regulations and guidance, components of an Information Security Program, key roles and responsibilities, and IT exam expectations.
8:30AM - 10:00AM
Regulatory Structure, Risk Management, and the Role of the ISO
In this pre-conference session, we will review legislation, regulations, and guidance related to information security, practice the foundational steps of risk management, and discuss the key roles around IT/cybersecurity with a focus on the role of Information Security Officer.
10:15AM - 11:30AM
Vendor Management, Business Continuity, and Incident Management
In this pre-conference session, we will look at vendor management’s ultimate purpose, discuss business continuity’s role in your organization, and review what elements are most important for incident management.
12:30PM - 2:00PM
Assurance & Testing, Educating Employees, and Reporting to the Board
In this session, we will wrap up the pre-conference track with the big picture of Assurance & Testing, and discuss the often forgotten communication elements needed for security awareness training and reporting to the board.
3:15PM - 3:45PM
MAIN SESSION
Welcome to KEYS
Leticia Saiid, Chief of Staff,
CoNetrix
/ Tandem
Join us in the general session room for the conference kick-off! In this quick session you will learn what’s new at KEYS, how to win prizes, and how to get the most out of your KEYS experience.
3:50PM - 4:30PM
TANDEM
Confessions of an Account Manager: What We've Learned Working with Tandem
Paul Hodnett, Account Manager,
CoNetrix
/ Tandem
Travis Boyd, Account Manager, CoNetrix
/
Tandem
Zachary Burkholder, Account Manager,
CoNetrix
/ Tandem
As the newest account managers with Tandem, we’ve learned a lot about Tandem, our customers, and best practices in the past year. From helpful resources to valuable learning experiences, we wanted to share what we’ve learned, and how it can be helpful to you as you use Tandem. Join Paul, Travis, and Zach as they discuss their Tandem education and how you can successfully use Tandem.
3:50PM - 4:30PM
RISK & COMPLIANCE
A Journey from Compliance-Focused to Modernized Risk Governance
Mark Gandy, Sr. Director, Chief Information Security Officer, Dow Chemical Employees' Credit Union
Come hear from a CISO about his journey from running a cybersecurity program that focused on compliance to modernizing with risk-based principles leveraging Tandem Risk Assessment. Mark will share how a specific set of changes improved risk assessing, result communicating, and audit planning. If you are looking to manage risk-based governance, maintain compliance, and improve communications with boards, this is the session for you.
3:50PM - 4:30PM
CYBERSECURITY
How to Address the Most Frequently Found Security Issues
Bret Mills, Audit & Security Consultant, CoNetrix Security
Missy Oliver, Information Security & Compliance Consultant, CoNetrix Security
/ Boost Consulting
You found what!!! Ain’t nobody got time for that! We take care of one security problem and another one pops up. How can we get ahead of these? Join this session to look at the most frequently found security issues we see facing financial institutions and gain the auditor vs the consultant perspective on what we can do to address them. Come ready to talk, discuss and fellowship, ‘cause we are just a bunch of fellows in the same ship.
4:40PM - 5:20PM
TANDEM
All About Third Parties
Jonathan Garner, Software Specialist, Tandem
Have you found yourself asking the question, “What are third parties and how do I manage them in Tandem?” Maybe you’ve had questions about the differences between third parties and vendors. If you have, you’re not alone! Join Jonathan as he covers the idea behind implementing Third Parties, what they are, what products they integrate with, and who can manage them.
4:40PM - 5:20PM
RISK & COMPLIANCE
7 Ways to Transform How You Report Cybersecurity
Alyssa Pugh, GRC Content Manager, Tandem
How can you best communicate complex concepts with a less technical audience? This is a sought-after skill in the security community, as cybersecurity improvements often require buy-in from outside parties. With an emphasis on practical experience and real-world application, join this session to discover seven ways you can grow your skills and transform how your cybersecurity reports are received.
4:40PM - 5:20PM
CYBERSECURITY
The Human Element of Cybersecurity
BJ Taylor, Information Security & Compliance Consultant, CoNetrix Security
/ Boost Consulting
In today’s cybersecurity environment the bad guys are defeating our controls as fast as we can develop them, as a result, a layered security approach is essential. Often the most vulnerable layer of security is the human layer… the layer we tend to invest the fewest dollars when it comes to cybersecurity. In this session, we will focus on practical ways to integrate cybersecurity into your corporate culture, including starting at the top, training the person not the employee, and making training a continuous process.