Date: April 29, 2014
Time: 3:00pm - 4:30pm
TIME: 3:00 pm – 4:30 pm
Are you concerned hackers could compromise your network and possibly steal member and financial information? Hackers will exploit known vulnerabilities in your computers and networks if you don’t fix them (i.e., patch your system). Your credit union likely uses Microsoft, Adobe, and Java software. These products introduce risk because they are commonly attacked by hackers all over the globe.
Around the same time President Obama issued the executive order regarding cyber threats, the NCUA issued Risk Alert No. 13-RISK-01 stating that every credit union must follow industry best practices. Further, the NCUA has documented Guidance on Developing an Information System Patch Management Program to Address Software Vulnerabilities, so every credit union must take action as it relates to patch management. Some have called 2013 “the year of patch management” because there was a significant increase in the discussion and adoption of patch management systems in credit unions to follow the guidelines created by the FFIEC, PCI, and NCUA. Patch management is a key requirement in protecting systems from attacks by ensuring that software is repaired and void of known vulnerabilities.
Designing and implementing an effective patch management program is central to good security. This webinar will outline how to design and implement patch management programs that meet NCUA/FFIEC requirements, and thwart attempts to steal information.
- Typical attacks that exploit patching problems
- Patch management laws and regulations
- Patch management policy, automation, and best practices
- Monitoring for software vulnerabilities
- TAKE-AWAY TOOLKIT
- Sample patch management policy
- Patch management best practices cheat sheet
- Employee training log
- Quiz you can administer to measure staff learning and a separate answer key
WHO SHOULD ATTEND?
This informative session is best suited for IT personnel, COOs, chief risk officers, chief information officers, chief technology officers, information security officers, chief auditors, chief compliance officers, operations officers, board members, and anyone responsible for internal audits.