General Sessions

Trends that Impact - Jim Rechel, President, The Rechel Group & Dan Hadaway, infotex
Jim Rechel and Dan Hadaway will provide a look back on the year, not for nostalgia, but for the trends waiting in the shadows of the most important security issues facing banks. From the impact of evolving technology, to innovative ideas, the opening session will set the stage the year ahead.

Bank Robbery Risks - Steve Secor, FBI Agent
Steve Secor, FBI Agent, Bank Robbery Coordinator for Violent Crimes Task Force will speak on bank robbery activity and trends over the last 12 months will be analyzed, with a focus on bank robberies in the Midwest. Revealing the newest tactics and methods that today’s robbers are currently utilizing through real life examples.

Terror, Takeovers and Technology - Chris Allen, FifthThird Bank & Jim Rechel, The Rechel Group
Money is the lubricant of the engine of criminal organizations, some with ties to international terror, which prey up  on banks and communities of all sizes. This session will highlight the operational aspects of a current fraud scheme that involves millions of dollars, phony merchants, retail bank accounts, debit cards, and small towns being used as the hiding place for international wide fraud. 

Cyber-Attack Interactive Exercise - Tom Williams, Business Continuity/ Disaster Recovery Strategy Manager & Allen Eaves Jr., Gladiator Product Manager, Jack Henry and Associates
After all we have done to protect our customers, when we make “the mistake” it is Incident response that makes us or breaks us.  Back by popular demand, Tom and his team will lead us through an incident response tabletop exercise.  This year’s scenario:  The Insider Threat.  Be ready!!

Cyber Battle - Attacked vs. Defender - David Anderson, OSCP, Manager, Information Security, CLA & Jason Juntunen, OSCP, OSWP,  Information Security Senior Consultant, CLA
This session will demonstrate “live” network attacks from two perspectives: the attacker and the defender. The attacker will demonstrate popular attack vectors that many organizations are vulnerable to. The defender will demonstrate how to defend against these attacks. The defensive solutions provided will focus on free tools or configurations.

Human Trafficking: Modern Day Slavery “Hidden in Plain Sight” - Kevin Gulledge, Abrigo
Human Trafficking, or modern-day slavery, is the fastest-growing crime in the world.  In this session, we will discuss in-depth some common myths and misconceptions about human trafficking, who are the victims of these crimes and how are the victims are forced, coerced or fraudulently exploited into these situations by traffickers, terrorist groups and other criminal organizations and we will discuss how these victims are "hidden in plain sight" and some red flags to watch out for in order to prevent this from happening in your community.

The State of Cyber Breach Litigation: Murky Water that Continues to Swell - Molly A. Arranz, Partner, SmithAmundsen
With a trifecta of data privacy laws—found in industry regulations, federal statutes and state laws, getting a clear view of what is legally required for your company can be a challenge. At the same time, client, customer and contracting-partner expectations continue to rise, and the litigation that can ensue—with waves of varied findings and rules—make the law surrounding cybersecurity and cyber-breach hard to navigate. Join us as we consider the ever-changing area of data privacy and security litigation. How successful have the cyber breach lawsuits been? Can we delineate factors that courts consider for throwing these cases out? How do you avoid litigation hot water in the first place? In addition, we will attempt to forecast the next storms of potential litigation and enforcement actions.

Human Hijinks—Ways to Steal Your Data - Steve Stasiukonis, President, Secure Network Technologies
Pen Tester and Social Engineer Steve Stasiukonis will explain new Social Engineering techniques and how white-collar criminals leverage the use of common people, processes and technologies to infiltrate the internal workings of your bank.  Steve will share real world experiences on how his company uses these techniques to breach the networks of numerous financial institutions (during tests, of course).  The talk will focus on how malicious actors use publicly available Internet based information to defeat the Financial Institutions security controls.  It will show us ways criminals are defeating physical and digital Financial Institution security by leveraging imposter access, and provide tips on training your employees to protect your Financial Institution.

Rethinking True Safety and Security - Surviving the Life or Death Gap - Terry Choate Jr., Blue U Defense & Joe Hileman, Blue U Defense
Developing a plan to survive a sudden unplanned incident of violence is impossible. What is required is the development of "thinkers". Those who understand both the problems and the solutions and have the ability to constantly adapt and develop reactionary skills that truly mean something and will work - in reality. Prepare to change the way that you think about safety and security!

Breakout Sessions

Identity Access Management - Rich Remaks, Managing Consultant, BKDCyber
Privileged credential abuse paves the way for 74 percent of corporate data breaches, which is staggering. This presentation will dive headfirst into the critical, complex and often confusing world of Identity and 
Access Managment (IAM).  We all know that security is best when it’s silent, working behind the scenes to provide secure access,and only felt when something malicious happens. A strong security posture, 
including strong IAM, are required no more than ever before. If done correctly, you can quickly enable access to your internal resources and applications, whether in the cloud, on premises, or in a hybrid cloud.  Identity management should be a combination of policies and technologies for ensuring that the proper people in your Bank have the appropriate access to technology resources.
Integration of Physical Security Monitoring
Enterprise physical security solutions, including access control, video surveillance, event monitoring, digital signage, real-time data and information feeds, mobile applications and cloud-based services are all aspects of an integrated bank physical security system.  This session will highlight the solutions currently available to banks to effectively integrate all their physical security components.
Holistic Approach to End Point Protection - Brian Petzold, MBA, CISSP vCISO Senior Advisor, Bedel Security 
This talk focuses on decomposing the topic of endpoint protection, by taking a focused look at the various 
channels of inbound threats and outbound data leakage. Participants will take away a new perspective and strategy that they can take back to their institution to perform their own self-assessment on how they are protecting the endpoint and where they can improve.
Holistic Approach to Fraud Prevention
Just as fraud has become more holistic — sophisticated global organizations creating what amounts to fraud networks — so, too, has much of the financial industry’s defenses. Rather than treating fraud prevention as a series of independent responsibilities conducted by separate business units, it’s much better — and more seamless — to make the broadest use of consumer data and your bank’s fraud knowledge, and view your fraud mitigation effort as a larger whole, a long-term, general process.  This session will provide insight into the opportunities and technology available to integrate your fraud mitigation. 
Fraud Targeting Seniors: Red Flags for Bankers - Jim Rechel, President, The Rechel Group, Inc.
To support an aging customer base, respond to regulatory pressures and to help elderly customers from becoming victims of fraud schemes, it is important for bank personnel to understand why elderly customers are targets, what schemes and tactics are commonly used against them and how these schemes can be detected.  Jim Rechel will provide a thought provoking look at the fraud scams, the red flags they generate, and the need for banks to create a more robust fraud alert and response system within your bank to detect these scams.
When Insiders Go Bad-Cyber Threats Inside Your Bank - Steve Stasiukonis, President, Secure Network Technologies
What are the biggest threats to your organization’s data? Recent media attention to high-profile cyberattacks would lead an organization to think external threats are its only concern. Unfortunately, this 
misperception allows one of the biggest threats to your organization’s data to stay completely under the radar – the threat of insiders. With so much of an organization’s valuable information digitized today, it has never been easier to steal sensitive data strategy into a more cohesive unit.