As fraud and other cybercrimes continue to evolve, the task of protecting your credit union is becoming more complex. Join us to explore a variety of popular and important cybersecurity topics to learn the latest strategies and tactics on how to keep your data safe.

NASCUS members receive CUNA member pricing.
To register by email, contact hello@cuna.coop or call 800-356-9655.

Who Should Attend
This eSchool is beneficial for I.T. and compliance professionals, C-Suite, risk managers and anyone needing cybersecurity training.

---

TOPICS INCLUDE

Cybersecurity 101 for Beginners
Pre-recorded // Available September 3, 2021
Speaker: TBA

For the new cybersecurity officers, new C-Suite executives, board members and new examiners, the Cybersecurity 101 session is a crash course in the cybersecurity basics every credit union executive and examiner must know.

Learning objectives:

• • Learn the requirements of Part 748 and the GLBA
  • Understand basic terminology of the cybersecurity space
  • Learn the fundamental components of cybersecurity
  • Discuss CIS best practices
  • Understand how cybersecurity requirements are woven throughout the enterprise

---

Cybersecurity Strategy
September 24, 2021 // 11:00 a.m.-12:30 p.m. CT
Speaker: TBA

Session description coming soon.

---

Developing & Strengthening an Information Security Policy
Pre-recorded // Available September 24, 2021
Speaker: TBA

Developing and implementing an information security policy is a crucial element of a sound cybersecurity program that helps ensure an enterprise wide coordination on risk mitigation. Whether you have a policy in place or need to create one, join this session to learn about key aspects of a policy and how to avoid common missteps.

Learning objectives:

• • Define an information security policy and understand how it plays into a cybersecurity program
  • Learn about the aspects of an information security policy
  • Understand how to get started in creating a policy, or improving a policy already in place
  • Learn about common missteps in policy development

---

Information Systems and Assurance: InTREX CU
Pre-recorded // Available September 24, 2021
Speaker: NCUA

NCUA is shifting away from performing cybersecurity maturity assessments using ACET, to implementing a version of IT and cybersecurity examination procedures used by the FDIC, the Federal Reserve System, and many state bank regulators. This credit union modified platform, InTREX CU will become the primary tool of NCUA and many state examiners. In this session, NCUA will familiarize attendees with InTREX CU and discuss the ongoing role of ACET for credit unions.

---

Involving the Board in Cybersecurity
October 5, 2021 // 2:00-3:30 p.m. CT
Speaker: TBA

The credit union Board of Directors has an important role to play in the institution’s cybersecurity posture. But how do you ensure the Board is fully engaged? This session will survey the Board’s regulatory responsibilities and explore tips for how to engage the board and bring them along in creating a culture of cybersecurity at the top. The session will also explore the implications of cybersecurity responsibilities for board governance.

---

Strengthen Weak Links: Build Employee Awareness
Pre-recorded // Available September 24, 2021
Speaker: TBA

When it comes to cybersecurity, the human link will always be the weakest link. A momentary lapse in employee awareness can have catastrophic consequences for the credit union. This session will explore ways to enhance employee awareness and strengthen the human link.

Learning objectives:

• • Build an understanding of the importance of employee awareness
  • Understand the risks of not building awareness
  • Learn the key components of an employee awareness program
  • Learn how to create a program

---

Incident Management Program
October 12, 2021 // 2:00-3:30 p.m. CT
Speaker: TBA

Knowing how to respond to a cyber incident is just as important as planning to prevent a cyber incident. Credit unions need a robust Incident Management Program to guide them through the chaos of a cyber incident and provide employees with a roadmap forward. This session will survey the key elements of a cyber Incident Management Program.

Learning objectives:

• • Define incident management
  • Understand the important pieces of a program
  • Learn best practices in developing or improving a program
  • Gain tips on training employees on incident reporting
  • Learn how to exercise the program so when a real incident happens, all are ready to respond

---

Anatomy of a Ransomware Attack
October 19, 2021 // 2:00-3:30 p.m. CT
Speaker: TBA

Ransomware attacks are increasing at an exponential rate, up 120% year over year. Furthermore, these attacks are increasingly being accompanied with not just encryption of the victim’s data, but data exfiltration as well. This session will focus on policies, procedures and planning needed if your network falls victim to a ransomware attack. How does the attacker make contact? How do you respond? Is it smart, or ethical, to pay the ransom? How do even go about arranging for payment if that the course you take? Discuss all these issues and more in this thought-provoking session.

---

Cybersecurity and the Bank Secrecy Act
Pre-recorded // Available September 24, 2021
Speaker: TBA

The nexus of cybersecurity and the Bank Secrecy Act (BSA) has never been clearer than during the pandemic. The proliferation of fraud and cybercrime combined with a renewed emphasis on using technology to enhance BSA compliance tied the information security and criminal monitoring components of the cyber and BSA departments together. In this session, attendees will discuss the nexus of cyber and BSA and explore practices and procedures that enhance the cooperative nature of both functions.

---

Working Smarter: Leveraging Technology in Your Cybersecurity
October 26, 2021 // 2:00-3:30 p.m. CT
Speaker: Adlumin

From hardware authentication to user behavioral analytics, maximizing technology is essential for “working smarter” for cybersecurity. This session will provide an overview of a variety of technology solutions for safeguarding and monitoring the network, authenticating users, and helping employees manage their security credentials.

---

Security Frameworks
Pre-recorded // Available September 24, 2021
Speaker: TBA

Cyber defense relies on a framework to properly manage critical security controls. Various frameworks, such as NIST (National Institute of Standards and Technology) and CIS (Center for Internet Security) among others are industry options. Understanding the various frameworks available and tips for narrowing the search will be discussed during this session.

Learning objectives:

• • Gain an overview of various frameworks
  • Understand the importance of having an overarching framework in place
  • Learn how to get started in picking a framework Learn implementation best practices

---

Maximizing Your Security in the Cloud
November 2, 2021 // 2:00-3:30 p.m. CT
Speaker: Fiserv

As more credit unions look to cloud solutions for data storage and management, the importance of understanding interplay of cybersecurity and cloud computing grows exponentially. This session will focus on the latest trends in cloud computing and survey the security considerations of migrating data to the cloud.

---

Threat Hunting
November 9, 2021 // 2:00-3:30 p.m. CT
Speaker: TBA

Session description coming soon.

---

Legal Perspectives on Cybersecurity
Pre-recorded // Available September 24, 2021
Speaker: TBA

This session will explore the current legal landscape related to cybersecurity, including liability for losing members’ data and claims if a 3rd party loses credit union data. In addition to surveying relevant litigation, the session will also review best practices for 3rd party contracts to ensure your information is protected by your business partners, best practices for internal responses to a cyber incident to maximize legal protection for the credit union, and review state specific information security laws.

---

Also Available

All live event registrations include credit union access to the recorded event. You may also purchase the recorded event separately. Click here to see more about purchasing the recorded event.