2018 Cybersecurity Workshop

Cybersecurity attacks on credit unions have become exceedingly more regular, complex, and targeted. In this workshop, we will discuss ransomware, malware, and the precautions credit unions should take to protect themselves and their members.

What Can I Expect to Learn?

  • What are the most important issues in cybersecurity that are threatening credit union information systems and network infrastructure?
  • Why is their data so important to criminals and how they are using it?
  • Types of attacks and advance persistent threats.
  • What areas are under attack? How do you defend yourself?
  • Review the latest FFIEC guidance.
  • Share proactive strategies and best practices.

Who Should Attend?

IT staff, presidents, CEOs, EVPs, programmers, managers, operations officers, chief risk officers, compliance officers and any professionals who deal with technology issues are encouraged to attend.

Date & Location

Houston, May 22

The Westin Houston, Memorial City
945 Gessner Road
Houston, TX 77024
Register

Business casual dress is appropriate. Bring a jacket or sweater as room temperatures vary.

Lodging

The Westin Houston, Memorial City
Room Rate:
$169 (single/double) plus tax
Room Rate Deadline: Monday, April 23, 2018
Book Your Room Online
Reservation Line: 800-937-8461 (indicate you are with the Cornerstone Credit Union League group)

An early departure fee of one night’s room and tax will apply if an attendee checks out prior to the confirmed check-out date.

Reservation requests received after Monday, April 23, 2018 will be accepted on a space available basis at the hotel published rates.

Schedule

This tentative schedule is subject to change.

Tuesday, May 22, 2018
8:00 a.m. - 8:30 a.m. Registration & Continental Breakfast
8:30 a.m. - 9:30 a.m.
Opening General Session: Evolution of the Cybersecurity Examination Program
Patrick Truett, NCUA
9:30 a.m. - 9:45 a.m. Networking Break
9:45 a.m. - 10:45 a.m. Panel Discussion: How to Deal with Cybersecurity While Leveraging Compliance with Best Practice
Patrick Truett, NCUA; Troy Kyle, First Abilene FCU; Travis Llewellyn, Communication FCU; Moderated by Idrees Rafiq, Credit Union Resources, Inc.
10:45 a.m. - 11:00 a.m. Break
11:00 a.m. - 3:00 p.m.
Virtual Tabletop Exercise (VTTX) & Lunch
National Credit Union ISAO & Department of Homeland Security Cyber Incident Response Virtual Tabletop Exercise
National Credit Union ISAO & Department of Homeland Security
3:00 p.m. - 3:15 p.m. Networking Break
3:15 p.m. - 4:30 p.m.
Closing General Session: Current State of Cybersecurity Affecting Financial Institutions
Special Agent Orlan Streams, FBI
4:30 p.m. Safe Travels Home

Sessions & Speakers

Opening General Session: Evolution of the Cybersecurity Examination Program

Patrick Truett, NCUA

This session covers a brief history of why the FFIEC developed a Cybersecurity Assessment Tool and how the tool has evolved.

How NCUA will use the fundamentals of the CAT to develop its cybersecurity examination tool and begin assessing the state of cybersecurity in the industry.

Common missteps observed when credit unions complete the CAT.

What to do with the results of your self-assessment.

Panel Discussion: How to Deal with Cybersecurity While Leveraging Compliance with Best Practice

An open discussion over the how’s, why’s and, best practices of using the ACET/CAT as seen by our panel members as well as how compliance can be help instead of a hindrance.

Patrick Truett, NCUA; Troy Kyle, First Abilene FCU; Travis Llewellyn, Communication FCU; Moderated by Idrees Rafiq, Credit Union Resources, Inc.

Patrick TruettAbout Patrick Truett

Patrick Truett recently returned to the field with the NCUA as a Regional Information Systems Officer in Region IV. He worked for the previous eight years as an Information Systems officer in the NCUA Office of Examination and Insurance (E&I). In E&I he was responsible for developing and implementing NCUA’s policies, examiner training, and exam work programs related to credit union cybersecurity and information technology usage. He began his career with NCUA in 1999 as an examiner. Patrick was part of the Agency's first group of Information Systems and Technology Subject Matter Examiners in 2002. From 2002-2010, he was a Regional Information Systems Officer for NCUA’s Southeast region (III). Most recently, Patrick has been highly involved with the FFIEC’s cybersecurity initiatives. This included development of the FFIEC Cybersecurity Assessment Tool and automating it for use with the NCUA examination program. Patrick completed his undergraduate studies at The University of Texas at San Antonio and earned an MBA from the University of Tennessee with concentrations in Finance and Management Information Systems.

 

Troy KyleAbout Troy Kyle

Troy is the President and CEO of First Abilene Federal Credit Union. He is responsible for all operational functions, delivery of products and services, and execution of marketing, product, technology, and operations initiatives. Prior to joining First Abilene, Troy spent 20 years in information technology roles in financial services. Most recently, as the Vice President of Information Technology for Public Employees Credit Union and Sr. Vice President & Chief Information Officer for Capitol Credit Union, both located in Austin, Texas. He has served on the Catalyst Corporate Council, Fiserv DDS Advisory Group, and has been a participant in Q2eBanking’s Collaborate events. Troy holds a Bachelor of Science in Computer Science and a Bachelor of Arts in Classics from the University of Texas. He has also completed graduate work in Global Business at St. Edwards University. He is a Cisco Certified Network Professional, Microsoft Certified Systems Engineer, and VMWare Certified Professional in Data Center Virtualization.

Travis LlewellynAbout Travis Llewellyn

Travis is the Director of Networking and Security for Communication Federal Credit Union.  He was their Network Administrator for 13 years and has been in his current role for 5.  Prior to joining Communication Federal Credit, he owned and operated a systems and networking consulting company.  Travis has 30 years of experience with computers, networking and security.  He graduated from OSU with a Bachelors in Information Assurance and Forensics.

 

Idrees RafiqAbout Idrees Rafiq

Idrees is the assistant vice president of IT Consulting with Financial and Technology Resources, Credit Union Resources, Inc. In this position, Idrees provides information technology auditing, security, policy development, risk assessments, and compliance consulting. He specializes in leveraging IT and security-related issues with compliance, marketing, vendor management, business continuity, and other business operations specific to credit unions ranging from $2 million to more than $2.5 billion in assets. He serves as the league liaison on the CUNA IT Council’s Executive Committee and the Cornerstone Credit Union League IT Council’s Executive Committee. He is an active contributor of the Credit Union Resources blog, the daily Leaguer, and Perspectives magazine publications, serves on the CUNA’s Cybersecurity Advisory Board, and he serves on the Southwest CUNA Management School faculty. Notably, Idrees also serves on the executive leadership board of the National Credit Union Information Sharing and Analysis Organization (NCU-ISAO), a national group founded to advance credit union cyber resilience by providing a sustainable infrastructure connecting public and private-sector stakeholders that support security information sharing, coordinated response, education, and discounted products and services. Idrees earned his MBA in management from Our Lady of the Lake University and graduated Delta Mu Delta with the International Business Honor Society. He also holds a BAAS and a Bachelor of Business Management from Howard Payne University.

Virtual Tabletop Exercise (aka VTTX): National Credit Union ISAO & Department of Homeland Security Cyber Incident Response Virtual Tabletop Exercise

National Credit Union ISAO & Department of Homeland Security

This exercise will raise awareness of cyber risk management, cyber related planning, and other issues related to cyber incident prevention, protection, and response.  The purpose is to:

  • Enhance the cyber resilience of credit unions.
  • Examine cybersecurity information sharing processes during both steady-state and incident response.
  • Discuss plans, policies, and procedures that guide cyber incident response actions.
  • Discuss credit union resources and capabilities required to respond to a cyber incident.

Closing General Session: Current State of Cybersecurity Affecting Financial Institutions 

Special Agent Orlan Streams, FBI

Current state of cybersecurity affecting financial institutions and real life examples

Continuing Education Opportunities

Cornerstone is pleased to announce the opportunity to earn CPE credits through the National State Board of Public Accountancy.

CPE Certificate (for CPAs):  Participants may earn up to 7.0 CPE credits
Field of Study:  Information Technology - Technical

Program Level:  Basic

Pre-requisites:  No prerequisites or advanced preparation required.

In order to be awarded the full credit hours, you must be present, registering your attendance and departure on the attendance sheets at the registration desk.

National Registry of CPE SponsorsThe Cornerstone Credit Union League is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site: www.nasbaregistry.org.

Certificate of Attendance

Requests for certificates of attendance are processed after the event. Contact Lori Schirpke-Jordan, Director, Training & Events, at 800-442-5762 ext. 6639 or email lschirpke-jordan@cornerstoneleague.coop for additional information or questions.

Please specify type of certificate needed.

Educational Investment

Attendee Type
 
Early Bird Rate
(on or before 04/06/2018)
Regular Rate
(after 04/06/2018)
Technology Council Member $325 $525
Non-Technology Council Member $375 $575
Non-Member (CUs in Cornerstone region only) $650 $650

Online registration closes May 18. On-site registration will be available.

Limited number of registrations available. Register early to secure your seat. Your investment includes sessions featuring sought-after speakers, a luncheon, continental breakfast, and all refreshment breaks.

*Save Money by Becoming a Technology Council Member!

Join the Technology Council and receive a $50 discount on registration!

Registrant Cancellation Policy

Substitutions are always welcome. Registration fee refunds (less a $50 processing fee per person) are granted for cancellations received in writing by Aril 6, 2018.

Workshop Cancellation Policy

If registrations are less than 20 three weeks out, or unforeseen circumstances occur, the workshop may be cancelled. In event of cancellation, all registrants will be notified via email and phone calls. An update will also be placed on CSCUL websites and through social media channels. Paid fees will be refunded.

Grant Assistance

The Cornerstone Credit Union Foundation is accepting grant applications for League training events based on financial need. Applications must be received by application deadlines. Please visit the Foundation’s website to view all grant applications, guidelines and deadlines. Contact Emily Moreno, Foundation Grants Manager, at 469-385-6483 for more information.

Questions?

If you have physical, medical, or dietary needs requiring special attention, please contact us for proper arrangements to be made. 

For more information regarding administrative policies, such as attendance, complaints and refunds, please contact Training & Events at 800-442-5762 ext. 6630, or Lori Schirpke-Jordan at 800-442-5762 ext. 6639.