Speaking Events


California Credit Union League
March 17, 2008 - Monterey California

Maryland Bankers Association
March 19, 2008 - Annapolis, Maryland

Ohio Bankers League
March 26, 2008 - Columbus, Ohio

Tennesse Bankers
April 8, 2008 - Nashville, Tennessee

Ohio Bankers League
April 16, 2008 - Columbus, Ohio

Illinois Credit Union League
April 18, 2008 - Chicago, Illinois

Texas Bankers Association:
April 21-22, 2008 - Dallas, Texas
April 23-24, 2008 - San Antonio, Texas

Montana Bankers
April 25, 2008 - Great Falls, Montana

Wisconsin Credit Union League
May 9, 2008 - Madison, Wisconsin

Florida Credit Union League
June 13, 2008

Illinois Bankers Association
June 27, 2008 - Chicago, Illinois

NAFCU
July 10-12, 2008 - San Diego, California

CUNA
September 22, 2008 - Florida


Speaking Topics

  1. Developing and Information Security Program to Meet Regulatory Requirements and Best Practices
    This presentation focuses on developing an information security program, why you need one (applicable laws and best practices), key elements of the program, how to implement layered controls, and adverse effects for not implementing an appropriate program and controls.
  2. Information Security Risks and Financial Institutions
    Presentation is focused on understanding information security risks and threats, current headlines, why you need to protect your institution, who is responsible for security, what are layered security controls, and what do the regulators say.
  3. Preparing for Your Next IT Examination
    Insight into core examination procedures, highlights IT security, operations, ebanking, disaster recovery, and vendor management.
  4. FDIC IT RMP Procedures
    Review of the FDIC new IT RMP procedures, the work program and questionnaire.. How to prepare for your up coming FDIC examination.
  5. Internet Security Risks and Solution Options
    Presentation focuses on understanding cyber security risks and threats, assessing the risks and origins to facilitate a layered security plan, and layered security options to combat the risks.
  6. Phishing, Pharming, and More
    Easy to understand exploration and discussion of phishing, pharming, and man-in- the-middle attacks, web site defacements, and more., current statistics, and what can be done.
  7. Preparing for your next IT Security Examination
    Learn what should be in a proactive security examination, including understanding and developing a risk assessment, managing outsourced partners and more.
  8. Not On My Watch...Bringing True Security to Web-Based Systems
    Learn the best practices to implement and how to achieve the appropriate layers of control, monitoring, and testing. Includes a brief discussion of US regulations and impact on the financial services industry.
  9. How to Effectively Manage Your Outsourced Partners
    The regulators now require a vendor management program, learn what needs to be in the program starting with a risk assessment and what is required to appropriately and effectively monitor your outsourced relationships.
  10. What is a Risk Assessment and How Do You Perform One?
    Presentation will walk through what a risk assessment is, why do you need to perform one, what are the steps, and provide a sample matrix.
  11. What is an Incident Response Plan
    Presentation will walk through the requirements of an incident response plan, where do you start, what are the key elements, what is required by the regulators and best practice.
  12. Developing a Business Continuity and Disaster Recovery Plan
    Learn what is required for an acceptable BCP/DRP. What should be included, where do you start, what are the key elements.
  13. WiFi
    Presentation will cover benefits and risks of implementing WiFi in your institution, best practices and controls to secure, and how the regulators view its implementation.
  14. Most Common IT Examination Findings
    Presentation covers the most common IT audit and examination findings regardless of size of institution, charter, or regulatory agency and will help you prepare for your next examination.
  15. Data Leaks Happen, Are You Protected?
    Electronic communication has become an essential and effective means for organizations to conduct business. However, along with the ease of transacting business and the global reach it provides, comes the risk of data leakage. The protection of PII is a critical issue and is mandated by not one, but numerous complex and sometimes confusing regulations. What is required, which laws apply to what entities, what is necessary to be compliant? Not instituting proactive tools for monitoring, reporting, and controlling the risk of unauthorized access or disclosure can result in substantial fines, prison sentences, and or increased regulatory scrutiny. This presentation will focus on regulatory and best practice components for securing and monitoring electronic communications.
  16. IT Security for the Board of Directors
    Protecting an institution's information assets is mandated by regulation and requires an ongoing security program to ensure customer confidence and trust, compliance with law, and shielding the institution's reputation. This security process should be designed to identify, measure, manage, and control risks to data and systems. The responsibility for ensuring an appropriate risk management system is in place lies ultimately with the board. Therefore, it is imperative that the board understand the risks and subsequent safeguards to properly govern and maintain a secure environment.
  17. Regulatory Landscape: Past vs. Future
    Over the last several years we have seen an influx of new regulations directed at security and safeguarding information assets. Just what are those regulations? What is required? Looking back at 2006, how did we do, what were the most common IT examination and audit findings? Where are we headed in 2007? What will be the "hot topics" for examinations and audits? Are there technologies available that should be considered to improve security and help meet compliance with the mandates? This seminar will focus on regulation past and present as well as the most common IT audit and examination deficiencies of 2006. We will also look at some of the threats to information assets present and future, and what the experts are saying; and what the regulators concerns are for 2007.