Cybersecurity in 2018: The Toughest Year Yet for the Finance Industry

One of the biggest business risks to the financial service industry is cybercrime. Cybercriminals are after banking and financial credentials, trading and investor information or strategies, consumer data, business and tax filing, fraudulent redemptions and more. Breaches can result in financial loss, disruption of operation, compromised confidential information and reputational damage. This significant risk has prompted regulators to put a stronger focus on cybersecurity in 2018.

The SEC added a cybersecurity unit in late 2017 and on February 21, 2018 issued new guidance to assist public firms in preparing disclosures about cybersecurity risks and incidents. This guidance focuses on the importance of cybersecurity policies and procedures and ensuring that senior management considers cybersecurity risks as a part of their fiduciary care. Finally, it includes guidance on timely breach notification to senior management, timely notification and disclosures to investors and trading blackouts following a breach in these policies. The guidance builds on the SEC’s 2018 annual priorities, which include Governance and Risk Assessment, Access Rights and Controls, Data Loss Prevention, Vendor Management, Training and Incident Response.

In addition to the SEC guidance, financial firms will also have to navigate new state level regulations like the NYCRR 500 – with many requirements coming into effect between January and September 2018 – and global regulations like General Data Protection Regulation (GDPR) which came into effect in May 2018.

In this talk, we will discuss how to navigate regulations and explore cyber-attack trends, best practices, and proactive measures to reduce your cyber threat profile, mitigate risk, and avoiding regulatory investigations and investor disclosures.

During this presentation, you will learn:

• Why regulators are putting a focus on cybersecurity in 2018
• New SEC cybersecurity guidance and what it means for firms
• Other cybersecurity regulations impacting the financial industry
• How to incorporate cybersecurity into your business strategy
• How to reduce your cyber threat profile, mitigate risk and avoid regulatory investigations and investor disclosures

Speaker:

Eldon Sprickerhoff, Chief Security Strategist and Founder, eSentire
Eldon Sprickerhoff is the original pioneer and inventor of what is now referred to as Managed Detection and Response (MDR). In founding eSentire, he responded to the incipient yet rapidly growing demand for a more proactive approach to preventing and investigating information security breaches. Now with over twenty years of tactical experience, Eldon is acknowledged as a subject-matter expert in information security analysis. Eldon holds a Bachelor of Mathematics, Computer Science degree from the University of Waterloo.

This event is limited to Manager Members of AIMA.
To register, please contact [email protected]

Sponsored by: