Graduate School of Banking

Educating Professionals, Creating Leaders

Ph. 800.755.6440   |   Email

Bank Technology Security School - Curriculum

October 6-11, 2019
Fluno Center for Executive Education

Madison, Wisconsin
Enrollment Deadline: September 6

This one-week school includes practical, hands-on labs that will allow you to work with learned concepts in real-world situations. This applied learning is a key benefit of participating and will provide skills and tools you can put to use immediately at your bank. The program's curriculum features two core areas of study - the business of banking and offensive and defensive IT security measures.

  • Business of Banking Curriculum

    • Introduction to the Business of Banking
      Learn the major components of a bank's balance sheet, income statement and key ratios used in decision-making at the bank. This session also outlines the concept of strategic planning and achievement of sustainable competitive advantage.
    • Bank Profitability Analysis
      Attendees will come away with a clear understanding of the main components that affect bank profitability. You'll explore management's focus on certain ratios and the effect on human resources requirements.
    • Asset/Liability Management
      In this session, attendees will learn the goals, organization, and process of asset/liability management and how to integrate A/L with IT management goals. You'll gain a better understanding of how to identify different types of risk and the implications of risk mismatch.
    • Bank Regulatory & Competitive Environment
      Learn the forces that affect industry competitiveness and the impact of deregulation on earnings. Key issues for bank survival and prosperity and the shift from product-driven to market-driven strategies will also be discussed.
  • IT Security Curriculum

    • Security Breaches, Laws and Regulations
      Information security law and regulation provides the framework for which community bankers need to devise their information security program. This session will review the significant security breaches of the past 12 months to understand the security risks community banks face. It will also highlight the security laws and regulations that banks need to consider. Topics the program will review include:
      • Gramm-Leach-Bliley Act
      • Bank Secrecy Act
      • Identity Theft Red Flags
      • Data Breach Notification Laws
      • FFIEC Authentication Supplement
      • CSBS CATO Guidance
      • FDIC FILs
      • Regulation from the last 12 months
    • Information Security Management
      Security is not just a technology issue. Rather, information protection leverages people, process and technologies to protect against malicious insiders and outsiders. This session will provide the information security management tools a community banks needs to devise their information security program. The program will review:
      • Risk Assessment
      • Vendor Management
      • Business Continuity
      • Incident Response
      • Effective Committees
      • Asset Management
      • Penetration Testing
      • Vulnerability Assessments
      • Security Awareness
      • Social Engineering
      • Auditing
    • Virtualization
      Virtualization is the future to deploying hardware in your IT environment. Learn more about planning, deploying, and managing your company's new or existing virtualization infrastructure for your servers. This class will provide you with some hands-on experience in the VMware world. We will perform/discuss the following tasks:
      • Using a template for VM server deployment
      • Deploying a new server from a template
      • Converting a physical server to a virtual server
      • Setting up the security for your users
      • Implementing a virtual switch
      • Using Motion
      • Server backup options for your virtual servers
      • Server replication options for your virtual servers
      • Disaster Recovery options for your environment
    • Mobile and Wireless Security Defense
      Defending mobile devices in your financial institution's environment is important. This class will discuss ways to strengthen your environment, policy creation for your end-users, and ways to safeguard your customer's information.

      This session will also discuss the use of wireless network security defense in your financial institution. Hands-on experiences will provide you with security controls that you can implement in your environment to mitigate threats against your information.
    • Network Penetration/Testing and Ethical Web Hacking
      Hands-on laboratory experiences will focus on:
      • Mapping the web application
      • Code injection (SQL, operating system command) attacks
      • Cross-site scripting (XSS) attacks
      • Cross-site request forgery (CSRF) attacks
      • File upload attacks (web shells to remotely control a machine via the web)
      • How to prevent these attacks!
      • All the tools & techniques necessary to complete the attacks
      • A single virtual machine to use throughout the day with all the applications, tools, and scripts!
      • PowerPoints and lab manual available
    • Digital Forensics
      With today's quickly changing technologies it is inevitable that organization will deal with cybercrime; including fraud, insider threats, industrial espionage, and phishing. To help investigate these situations, administrators with digital forensic knowledge are in demand. This session will introduce core Windows Operating System artifacts that digital forensic analysts use in their investigations. You will learn how computer forensic analysts focus on collecting and analyzing data from computer systems to track user-based activity that can be used in internal investigations or criminal/civil litigation.
    • Network Defense
      Best practices for securing your network will be explored.
    NOTE: The Bank Technology Security School provides up to 4 hours of advanced placement credit toward several professional certifications available through the SBS Institute. For specifics, please contact SBS as they approve the credits toward these certifications.