From GLBA to the ID Theft Red Flags Rule, information security awareness is a lynchpin of banking regulatory guidance. Register for this webinar to learn:
The fundamentals of an information security education program;
How to structure your program to satisfy the requirement and the need;
How to prepare and deliver an effective training program.
The Interagency Guidelines Establishing Information Security Standards, per Gramm-Leach-Bliley Act (GLBA) of 2001, require each banking institution to have a comprehensive written information security program that includes administrative, technical and physical safeguards appropriate to the size and complexity of the bank. This program must include security awareness training to inform personnel of information security risks associated with the activities of personnel, as well as responsibilities of personnel in complying with bank policies and procedures designed to reduce such risk.
More recently, the ID Theft Red Flags Rule, which went into effect in 2008, requires proof of ID theft awareness programs for institution employees and customers.
So, how does an institution deploy an education program that both meets the regulatory mandate and the workplace need? That question is the focus of this presentation, which offers hands-on advice on topics such as:
Fundamental components of an information security education program;
Setting goals, creating content and leveraging media effectively;
How to prepare and deliver good awareness materials.
Former Dir. Information Security Risk Management, First Republic Bank
Bill Sewall is an Information security, compliance and risk management specialist with 30 years experience as a corporate attorney and general counsel, CIO, information security officer, and operational risk manager.
Prior to First Republic Bank, Sewall spent 10 years as a senior executive information security officer in Citigroup, including management of the IS training and awareness program and responsibility for the Citigroup IS Policy and Standards.
Over the course of his career as a business manager, he has built data centers, lead development and systems groups and managed audit and assessments in such areas as GLBA, SOX and Basel II.