Conducting Security Risk Assessments in the Financial Services Industry

Unarguably, the need for a cybersecurity paradigm shift has never been greater. Machine learning is a big step forward in this era of cybersecurity, but traditional machine learning techniques are not optimal with preventing unknown, never-before-seen cyber threats. Fortunately, AI technologies are maturing and deep learning is now proven to be the most effective cybersecurity solution, resulting in unmatched detection and prevention rates.

CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar. You can download a certificate of completion from BrightTALK after viewing the entire webinar.

First rolled out in 2014 and updated to v1.1 in 2018, the NIST Cyber Security Framework has become widely known and used in the US and overseas. The NIST CSF sets down a framework of cyber security best practices that can be used by any organization, which also ties into many other frameworks, allowing it to be used alongside them.

The NIST CSF has three components: the Core, Profile, and Tiers. The Core is the heart of the Framework, organizing activities into 5 functions: Identify, Protect, Detect, Respond, and Recover. These are divided into 23 categories, further divided into 108 subcategories, and these subcategories are cross referenced to several other frameworks and standards. The Profile is a way of setting a road map of activities, gathering an organization's current state, then setting down a desired future state. The Implementation Tiers are a way to clarify the organizations view of cyber security risk and its approach to addressing it.

CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar. You can download a certificate of completion from BrightTALK after viewing the entire webinar.

HIPAA requirements can be mind-boggling especially for smaller medical practices. Healthcare businesses of all sizes should comply with several requirements of HIPAA law. There are multiple components of the law involved, such as security, privacy and breach notification provisions. Hear directly from Lorri Doyle, Office Manager, Jacaranda Smiles, about her perspective on HIPAA compliance and how she went about it. Lorri has several years of experience working in a multi-location healthcare practice and will share her experiences and anecdotes related to HIPAA compliance, the challenges and its benefits.

CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar. You can download a certificate of completion from BrightTALK after viewing the entire webinar.

The Financial Services Industry is heavily regulated and is also a major target for cyber crime. Conducting periodic Security Risk Assessments is not only a best practice but often may be a requirement. Learn from a leading Cybersecurity expert about the process of conducting security risk assessments in the financial services industry.

CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar. You can download a certificate of completion from BrightTALK after viewing the entire webinar.

Medical Devices are continually increasing in use and popularity, with the advent of so many new technologies in the healthcare space. They could pose several security and privacy risks. Learn from a leading hospital Chief Information Security Officer (CISO) about Medical Device Risk Assessments.

Featured Speaker: Mauricio Angee, CISO of Mount Sinai Medical Center

CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar. You can download a certificate of completion from BrightTALK after viewing the entire webinar.

About this webinar:
We discuss key requirements related to a Vendor Risk Assessment. If you have vendors performing important duties for you and/ or have access to your or your clients' confidential information, you may need to perform a Vendor Risk Assessment. This session is part of our Cyber Conversations webinar series.

Learn, among other topics, how to:
- Identify the vendors that need a risk assessment.
- Risk Rating your vendors
- How do you go about performing a step-by-step vendor risk assessment, sometimes also called a Third Party Risk Assessment or Third Party Information Security Assessment?

CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. We will issue a Certificate of Completion to those who attend the webinar, to the specific email address and attendee name on the registration form. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar.

A presentation made at the Frost & Sullivan MindXChange conference in San Diego. The theme of the conference was "The Payor and Provider Ecosystem Evolution: Collaborative Innovation in Healthcare".

Sanjay Deo, President of 24By7Security, Inc. presented on the topic of "Partnering to Counter Next Gen Cyber Threats". Cyber crime being a huge threat to the healthcare industry, it is crucial for payors and providers to partner together to counter these cyber threats. Some key takeaways from Sanjay's presentation are:
- Blueprint of the current state of Healthcare Information Technology and Cybersecurity Landscape
- Best Practices of various approaches taken by Healthcare Entities to mitigate Cybersecurity Risks
- Example of new technology to the rescue - Blockchain

About this webinar:

Part of the HIPAA Happenings webinar series from 24By7Security, this webinar features 3 well-known speakers from South Florida.

TOPICS AND PRESENTERS:

Business Associate Agreements - Stephen Siegel, Healthcare Attorney:
Why do you need them, Examples of Business Associates, HIPAA rules governing Business Associates, what is in a BAA, Common mistakes made in BAAs.

Cyber Insurance - Christopher Burgio, SVP, Marsh & McLennan:
History of Cyber Insurance, The Cyber Threat Environment, Cost of a Breach, Key Insurance Coverages, Key considerations with respect to Cyber Insurance.

Incident Response Management - Sanjay Deo, President, 24By7Security:
Why Incident Response, Planning and Preparation, the SANS Incident Handling Process and it's six steps, Creating and Testing your Incident Response Plan.

CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar. You can download a certificate of completion from BrightTALK after viewing the entire webinar.

About this Webinar:

Complimentary HIPAA Privacy, Security and Breach Notification Training for Healthcare Covered Entities and Business Associates. Healthcare entity employees should ideally undergo HIPAA Training annually.

CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar. You can download a certificate of completion from BrightTALK after viewing the entire webinar.

This is a presentation made on July 17, 2018 at the FIME conference in Orlando, Florida. The theme of the conference was Medical Devices.

Sanjay Deo, President of 24By7Security, Inc. talks about Ransomware and how it can impact medical devices. With engaging examples, he provides statistics and explains the pervasiveness of ransomware attacks, the impact of ransomware, myths related to ransomware attacks, and how to help mitigate the risks and protect patient data.