2018 FINRA Cybersecurity Conference Agenda

2018 FINRA Cybersecurity Conference

The FINRA Cybersecurity Conference helps you stay current on today’s cybersecurity challenges and the ways in which organizations can understand vulnerabilities and threats, and create resilience against cyber attacks. Whether you are the Chief Information Security Officer, an IT professional, compliance officer or business owner, you will learn from leading experts in the industry and participate in engaging sessions to leave you with valuable information to help you protect your organization.

Thursday, February 22

8:00 a.m. – 9:00 a.m.

Registration and Breakfast


8:00 a.m. – 4:45 p.m.

Cybersecurity Solution Exhibitors


9:00 a.m. – 9:15 a.m.

Welcome Remarks: Steve Randich, FINRA Office of the Chief Information Officer


9:15 a.m. – 9:45 a.m.

Keynote Address: Jeff Lanza, Retired FBI Agent


9:45 a.m. – 10:00 a.m.

Networking Break


10:00 a.m. – 11:00 a.m

Concurrent Sessions I

Chief Compliance Officer’s (CCO’s) Role in Cybersecurity

Increased use of technologies such as mobile devices, social media and cloud computing has increased the risk posed by cyber criminals. As a result, in addition to other compliance matters, the CCO is now also responsible for assisting—and protecting—company information technology (IT) systems. During this session, panelists discuss the role CCOs can play in a firm’s cybersecurity program.

Effective Practices for Insider Threats and Third-Party Risk Management

Financial institutions are subject to threats on multiple fronts. Two threats of significant and growing concern to our industry include insiders, such as employees, and third parties, such as vendors. We necessarily rely on and trust both insiders and third parties; however, we must exert appropriate oversight if we are to prevent that trust from being violated by either malicious actors, or careless actions or inactions. During this session, panelists discuss case studies and share effective practices firms can use to manage and mitigate these risks, and develop and improve both their insider risk and third-party risk management programs.


11:00 a.m. – 1:15 a.m.

Networking Break


11:15 a.m. – 12:15 p.m.

Concurrent Sessions II

Recent Cyber Attacks, Threats and Possible Solutions

The world has entered an age in which well-organized and well-funded groups use sophisticated cyber techniques to attack organizations with increasing frequency. This threat landscape is constantly changing and modern cyber defenses must evolve. During this session, panelists discuss recent high-visibility hacks and steps that could have been taken to prevent them from happening or minimize the disruption.

Cybersecurity Guidance for Small Firms

It is crucial that small financial firms take proper cybersecurity measures to protect their customers and their firm. During this session, panelists provide risk-based, threat-informed effective practices applicable to small firms and supportive of their overall business model to increase their security and ensure the protection of their customers.


12:15 p.m. – 1:15 p.m.

Networking Lunch and Dessert With Exhibitors


1:15 p.m. – 2:15 p.m.

Plenary Session I – Branch Cybersecurity Controls

Cybersecurity is a top priority for the financial services industry. Firms dedicate significant resources every day to protect against cyber-crime, safeguard consumer data, and maintain the integrity and resilience of their systems in face of countless cyber threats. During this session, panelists discuss defensive measures firms can take within branch locations. These measures include developing information security branch plans, training employees and other solutions.


2:15 p.m. – 2:30 p.m.

Networking Break


2:30 p.m. – 3:30 p.m.

Concurrent Sessions III

Cyber Incident Response Plans and Resources

Every organization should develop a written plan that identifies cyber-attack scenarios and sets out appropriate responses. While plans must be customized for each organization’s particular circumstances, the plan should address basic components. Join panelists as they discuss these components and provide examples of steps their firms have implemented. Panelists also provide resources and helpful tools for firms to address critical cyber threats as well as provide examples of what not to do.

Steps to Take Now to be Ready if Your Organization Is Breached

The cyber threats are no longer a question of if, but when, a breach will occur. It is important to have a cybersecurity plan in place so you are ready to act if your organization experiences a data breach. Join panelists as they share effective steps organizations can take to prepare for an attack.


3:30 p.m. – 3:45 p.m.

Networking Break


3:45 p.m. – 4:45 p.m.

Plenary Session II – Cybersecurity in the Current Regulatory Environment: Insights from Regulators and Industry Experts

With recent high-profile data breaches, cybersecurity continues to be a frequent hot topic within the financial services industry. During this session, panelists answer your questions related to the cybersecurity regulatory landscape, insider threats and other important issues. You will hear their perspectives on effective practices and helpful tips they have identified.


4:45 p.m.

Closing Remarks/Conference Adjourns