Advanced IT Forum - Curriculum
The Advanced IT Forum is designed exclusively for Bank Technology Management School or Security School graduates to explore timely, relevant IT issues with a group of knowledgeable colleagues from around the country. This year's program will focus on the critical issues of software exploitation and cybersecurity, as outlined below.
You’ve used the current tools to attack web applications and network services, but do you know how those tools actually work “under the hood"? This session will take an in-depth look at software exploitation, which is the basis for all attacks covered in the web and network hacking sessions. It’s also why internet browsers are such a popular target for current attacks. We’ll do a quick review of automated exploitation to get everybody up to speed and then dive into the nitty gritty details of how a piece of software is actually exploited. If you’re a highly technical person, there will be virtual machines for you to dive into to conduct manual exploitation of software. If you’re more of a high-level person, the session will provide summary information and critical take-aways so you know how and why these attacks are so devastating.
Cybersecurity is widely cited as the top concern for companies all over the United States, and banks and bank regulators certainly view cyber risk as a tremendous concern. This portion of the program will take a deep dive into both technical and non-technical programs and countermeasures which can be put in place to mitigate cyber risk. Specific topics include:
- Review cyber security law and regulation
- Explaining cyber security and cyber risk to the Board of Directors
- Defining and implementing a cyber security program
- Discussing a process to complete cyber risk assessment
- Completing a cyber risk assessment
- Creating cyber security policy
- Incident response planning for cyber security incidents
- Security awareness for cyber incidents
- Roundtable discussion on the top cyber threats of today and tomorrow
- Discussing top technical solutions to mitigate cyber risk