We patch outdated operating systems, vulnerable software programs, and firmware on hardware devices, but how do we patch people? Hardware and software programs generally do as they are instructed, but people do not and can easily fall victim to social engineering attacks. Education and training can be our process to patch our people.
During our session, we will explore traditional ways education has been deployed and look to improve those processes with more advanced and effective methods of patching our people. We will also look at best practices for addressing similar issues with business customers and highlight common educational practices.
One major objective of this session is to highlight the need for continual educational programs for people. Historically, we have trained people for an hour, every 365 days. Now compare this to patching our IT systems, some do that monthly. A continual educational program will enable better decision making by employees, board members, and customers every day. Ensuring continual reminders and awareness to critical banking issues.
Topics Will Include:
- Employee, Board, and Customer training models
- Weaknesses in compliance based approach to education
- Implementing a risk based approach
- Building an effective policy
- Key elements of improved security awareness and training programs
- Integration with social engineering test
Who Should Attend?
Information Security Officer, IT Manager, Risk Officer, Internal Auditor, and Executives looking to understand the risk around Social Engineering and how to mitigate people risk.
Instructor
Jon Waldman is a co-founder and Senior Information Security Consultant for SBS CyberSecurity, LLC, a premier cybersecurity consulting and audit firm dedicated to making a positive impact on the banking and financial services industry.
He maintains his CISA and CRISC certifications and received his Bachelor of Science in Computer Information Systems and his Master of Science in Information Assurance with an emphasis in Banking and Finance Security from Dakota State University.
Over the last ten years Jon has helped hundreds of financial institutions across the country create and implement comprehensive, valuable, and manageable Information Security Programs. He also conducts webinars and certification programs for the SBS Institute. |