Fundamental Security: The Power of GLBA and FFIEC Compliance

It's been more than 10 years since enactment of the Gramm-Leach-Bliley Act (GLBA). But the fundamental security tenets of GLBA are just as relevant today - especially as banking institutions look to conform to the recently released FFIEC supplement, "Authentication in an Internet Banking Environment."

Join banking and fraud experts George Tubin of GT Advisors and Jeff Multz of Dell SecureWorks for insights on security versus compliance, as they discuss:

  • The overarching principles of a comprehensive GLBA information security program;
  • How the updated FFIEC Authentication Guidance aligns with GLBA;
  • Key recommendations for deploying layered controls to ensure security and compliance.

Background

The adage "Compliance doesn't ensure good security, but good security almost always ensures compliance" continues to ring true in 2012, as financial institutions seek to comply with the updated FFIEC guidance on online banking.

"Layered security" is a requirement of the new guidance released in 2011, but what does that really mean to banks and credit unions that are preparing for examinations? While financial institutions with an established GLBA information security program and culture most likely were compliant with the new requirements before they were published, many banks and credit unions are still ill-prepared to meet the examiners - and as a result, may lack fundamental security controls.

Consider the core requirements of GLBA's Safeguards Rule, which requires institutions to:

  • Develop a written information security plan;
  • Appoint at least one employee to manage the safeguards;
  • Conduct a risk assessment of each department handling private information;
  • Develop, monitor, and test the information security program;
  • Amend safeguards as necessary with changes in how information is collected, stored and used.

Risk assessments, security controls and monitoring all are core components of the updated FFIEC Authentication Guidance, as well.

In this session, George Tubin, noted expert in banking security, fraud and compliance, will discuss the key elements of GLBA and the FFIEC guidance with an eye toward offering new insights on:

  • Strategies for ensuring both security and compliance;
  • A practical approach to layered security;
  • Regulatory trends - what to expect next for guidance.

Following Tubin's presentation, Jeff Multz, Director of North America Midmarket Sales for Dell SecureWorks, will discuss the banking and security trends Dell SecureWorks is seeing and how institutions can respond to them.
