Training

Fundamental Security: The Power of GLBA and FFIEC Compliance

Presented by Dell SecureWorks     75 Minutes    
Fundamental Security: The Power of GLBA and FFIEC Compliance
It's been more than 10 years since enactment of the Gramm-Leach-Bliley Act (GLBA). But the fundamental security tenets of GLBA are just as relevant today - especially as banking institutions look to conform to the recently released FFIEC supplement, "Authentication in an Internet Banking Environment."

Join banking and fraud experts George Tubin of GT Advisors and Jeff Multz of Dell SecureWorks for insights on security versus compliance, as they discuss:

  • The overarching principles of a comprehensive GLBA information security program;
  • How the updated FFIEC Authentication Guidance aligns with GLBA;
  • Key recommendations for deploying layered controls to ensure security and compliance.

See Also: Keeping Your Side of the Street Clean: 5 Cyber-Hygiene Facts You Wish You Knew Earlier

Background

The adage "Compliance doesn't ensure good security, but good security almost always ensures compliance" continues to ring true in 2012, as financial institutions seek to comply with the updated FFIEC guidance on online banking.

"Layered security" is a requirement of the new guidance released in 2011, but what does that really mean to banks and credit unions that are preparing for examinations? While financial institutions with an establised GLBA information security program and culture most likely were compliant with the new requirements before they were published, many banks and credit unions are still ill prepared to meet the examiners - and as a result, may lack fundamental security controls.

Consider the core requirements of GLBA's Safeguards Rule, which requires institutions to:

  • Develop a written information security plan;
  • Appoint at least one employee to manage the safeguards;
  • Conduct a risk assessment of on each department handling private information;
  • Develop, monitor, and test the information security program;
  • Amend safeguards as necessary with changes in how information is collected, stored and used.
Risk assessments, security controls and monitoring all are core components of the updated FFIEC Authentication Guidance, as well.

In this session, George Tubin, noted expert in banking security, fraud and compliance, will discuss the key elements of GLBA and the FFIEC guidance with an eye toward offering new insights on:

  • Strategies for ensuring both security and compliance;
  • A practical approach to layered security;
  • Regulatory trends - what to expect next for guidance.
Following Tubin's presentation, Jeff Multz, Director of North America Midmarket Sales for Dell SecureWorks, will discuss the banking and security trends Dell SecureWorks is seeing and how institutions can respond to them.

Webinar Registration

Premium Members Only

OnDemand access to this webinar is restricted to Premium Members.

Join Now to Access
Have an account? Sign in.


Around the Network

Why OT Security Keeps Some Healthcare Leaders Up at Night
Why OT Security Keeps Some Healthcare Leaders Up at Night
Why Entities Should Review Their Online Tracker Use ASAP
Why Entities Should Review Their Online Tracker Use ASAP
The State of Security Leadership
The State of Security Leadership
Inside Look: FDA's Cyber Review Process for Medical Devices
Inside Look: FDA's Cyber Review Process for Medical Devices
Threat Modeling Essentials for Generative AI in Healthcare
Threat Modeling Essentials for Generative AI in Healthcare
Zero Trust, Auditability and Identity Governance
Zero Trust, Auditability and Identity Governance
Addressing Security Gaps and Risks Post-M&A in Healthcare
Addressing Security Gaps and Risks Post-M&A in Healthcare
Why Connected Devices Are Such a Risk to Outpatient Care
Why Connected Devices Are Such a Risk to Outpatient Care
Generative AI: Embrace It, But Put Up Guardrails
Generative AI: Embrace It, But Put Up Guardrails
Critical Considerations for Generative AI Use in Healthcare
Critical Considerations for Generative AI Use in Healthcare

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.