PRESS RELEASE

June 29, 2015

CONTACT: Patrick Keefe, NASCUS Communications/703-528-5974, pkeefe@nascus.org

NASCUS/CUNA CYBERSECURITY SYMPOSIUM SETS AGENDA FOR AUG. 24-25 SESSION
Concentrated program examines cybercrime, hacking, payments vulnerabilities, examinations

ARLINGTON, Va. -- A live hack demonstration, a top U.S. Secret Service cybercrime expert, and vulnerabilities in the payments system – including Apple Pay and “chip and pin” -- are all part of the Aug. 24-25 NASCUS/CUNA Cybersecurity Symposium in Denver.

The two-day symposium features 13 hours of educational presentations, panel discussions, demonstrations and group discussion. More than 10 experts in cybersecurity will make presentations and lead discussions with the group.

“This entire symposium is designed to help credit union regulators and leaders better understand the strengths and vulnerabilities of the credit union system's cybersecurity positioning, and help shape the policy of security expectations going forward,” said NASCUS President and CEO Lucy Ito. “Our first symposium in 2014 was extraordinarily successful in reaching those goals – this year’s ambitious program builds on the momentum achieved last year.”

Hosted by cybersecurity expert Tom Schauer, CEO and chief client experience officer for information security consultants Trust CC (based in the Seattle area), the symposium features 15 separate sessions and forums, including:

  • A live illustration of a computer/network hacking (demonstrated by TrustCC’s Schauer);
  • A presentation by U.S. Secret Service Deputy Assistant Director Robert Novy on law enforcement’s view of cybercrime;
  • An overview of what a credit union’s directors should know about cybersecurity (by Mark Berman of Horsetail Technologies, a Baltimore-based IT Services provider and consultants);
  • An overview of vulnerabilities in the payments system, including those associated with Apple Pay and “chip and pin” credit and debit card security techniques (offered by Jay Isaacson of CUNA Mutual Group);
  • A panel discussion on what a cybersecurity exam should look like (featuring regulators John Kolhoff of the Michigan Office of Credit Unions and Tim Segerson of the National Credit Union Administration).

In addition, the program will feature a two-hour presentation by NCUA’s Segerson (deputy director of the office of examination and insurance (E&I)) on industry expectations for the adoption of the coming Federal Financial Institutions’ Exam Council (FFIEC) cyber assessment tool.

“The entire program is aimed at giving credit unions and regulators the most complete view of the challenges, and solutions, in dealing with cybersecurity today,” said Brian Knight, general counsel of NASCUS. “As we learned with last year’s program, there are as many issues today as ever before about the rapidly evolving topic of cybersecurity – and this program gets into the heart of today’s top issues.”

Registration for the program is $675 for members of NASCUS or CUNA, as well as clients of TrustCC.  Non-NASCUS, CUNA, Trust CC members/clients pay $775; representatives from non-credit union entities pay $875. See the NASCUS website (www.nascus.org) for complete details.

For more information, contact NASCUS Vice President of Education Isaida Woo, either via email at isaida@nascus.org, or by phone at 703.528.0796.

Following is the current program agenda (subject to change):

Monday, Aug. 24, 2015

8:15 - 9 a.m.: Registration

9 - 9:15 a.m.: Opening Remarks and Welcome; NASCUS General Counsel Brian Knight, TrustCC CEO Tom Schauer

9:15 - 9:45 a.m.: Surveying the Cybersecurity Landscape: What Has Changed Since 2014; TrustCC CEO Tom Schauer

9:45 - 10:30 a.m.: Rules of the Road: Surveying the Obligations Created by GLB and Relevant Guidance; Tom Schauer, CEO, TrustCC

10:30 - 10:45 a.m.: Break

10:45 - 11:30 a.m.: Building Effective Internal Cyber Policies and Procedures; Patrick Sickles, CU*Answers

11:30 a.m. - 12:15 p.m.: Third-Party Technology Contracts; Mick Kless, President, R.I.S.C. Associates

12:15 - 1:15 p.m. - Lunch

1:15 - 2:30 p.m.: Leveraging Visual Basic for Security: Poor man’s incident detection system (IDS); John Eyre, AVP of IT, TAPCO Credit Union

2:30 - 3:15 p.m.: Regulator on the Doorstep: What Should a Cybersecurity Exam Look Like? Panel with John Kolhoff, Michigan Office of Credit Unions, and Tim Segerson, National Credit Union Administration)

3:15 - 3:30 p.m.: Break

3:30 - 4:15 p.m.: The Latest Advances with Encryption; (presenter TBD)

4:15 - 5 p.m.: Life after a Data Breach -- People, Processes, and Technology; Wes Withrow, TraceSecurity

5:00 - 5:15 p.m.: Wrap-up, Day's Adjournment by TrustCC CEO Tom Schauer

Tuesday, August 25

8:00 - 8:30 a.m.: Continental Breakfast

8:30 - 9:30 a.m.: Breaching the Defenses: Live Hack Demonstration; Tom Schauer, CEO, TrustCC and Andrew Robbins, TrustCC

9:30 - 10:00 a.m.: Law Enforcement's View of Cybercrime; Robert Novy, Deputy Assistant Director, U.S. Secret Service

10:00 - 10:15 a.m.: Break

10:15 - 11:00 a.m.: Let's Go Phishing: Training Staff and Internal Controls; (presenter TBD)

11:00 a.m. - Noon: Chip & Pin and Apple Pay: Vulnerabilities of the Changing Payment System; Jay Isaacson, Vice President, CUNA Mutual Group

Noon - 1:15 p.m.: Lunch

1:15 - 3:00 p.m.: Self Evaluation and the FFIEC Model Assessment; Tim Segerson, Deputy Director E&I, NCUA

3:00 - 3:15 p.m.: Break

3:15 - 3:45 p.m.: What Should a Credit Union's Directors Know? Mark Berman, Principal, Horsetail Technologies

3:45 - 4:20 p.m.: Understanding Cyber Insurance; Jay Isaacson, Vice President, CUNA Mutual Group

4:20 - 4:45 p.m.: Open Forum with Panel of Experts

4:45 p.m.: Final Wrap-Up, Adjournment; TrustCC CEO Tom Schauer

 

 * Agenda subject to change.

# # #

The National Association of State Credit Union Supervisors (NASCUS) is the primary resource and voice of the state governmental agencies that charter, regulate and examine the nation’s state-chartered credit unions. NASCUS membership is made up of state-chartered credit unions, state regulators and other supporters of the state credit union system. NASCUS is the only organization dedicated to the defense and promotion of the state credit union charter and the autonomy of state credit union regulatory agencies.

 

Information Contact:
Patrick Keefe, Director of Communications, pkeefe@nascus.org or (703) 528-5974

The National Association of State Credit Union Supervisors (NASCUS) is the primary resource and voice of the state governmental agencies that charter, regulate and examine the nation’s state-chartered credit unions. NASCUS membership is made up of state-chartered credit unions, state regulators and other supporters of the state credit union system. NASCUS is the only organization dedicated to the defense and promotion of the state credit union charter and the autonomy of state credit union regulatory agencies.