Bank Technology Security School

BUSINESS OF BANKING CURRICULUM

• Introduction to the Business of Banking
  Learn the major components of a bank’s balance sheet, income statement and key ratios used in decision-making at the bank. This session also outlines the concept of strategic planning and achievement of sustainable competitive advantage.
• Bank Profitability Analysis
  Attendees will come away with a clear understanding of the main components that affect bank profitability. You’ll explore management’s focus on certain ratios and the effect on human resources requirements.
• Asset/Liability Management
  In this session, attendees will learn the goals, organization, and process of asset/liability management and how to integrate A/L with IT management goals. You’ll gain a better understanding of how to identify different types of risk and the implications of risk mismatch.
• Bank Regulatory & Competitive Environment
  Learn the forces that affect industry competitiveness and the impact of deregulation on earnings. Key issues for bank survival and prosperity and the shift from product-driven to market-driven strategies will also be discussed.

IT SECURITY CURRICULUM

• Security Breaches, Laws and Regulations
  Information security law and regulation provides the framework for which community bankers need to devise their information security program. This session will review the significant security breaches of the past 12 months to understand the security risks community banks face. It will also highlight the security laws and regulations that banks need to consider. Topics the program will review include:
  • Gramm-Leach-Bliley Act
  • Bank Secrecy Act
  • Identity Theft Red Flags
  • Data Breach Notification Laws
  • FFIEC Authentication Supplement
  • CSBS CATO Guidance
  • FDIC FILs
  • Regulation from the last 12 months
• Information Security Management
  Security is not just a technology issue. Rather, information protection leverages people, process and technologies to protect against malicious insiders and outsiders. This session will provide the information security management tools a community banks needs to devise their information security program. The program will review:
  • Risk Assessment
  • Vendor Management
  • Business Continuity
  • Incident Response
  • Effective Committees
  • Asset Management
  • Penetration Testing
  • Vulnerability Assessments
  • Security Awareness
  • Social Engineering
  • Auditing

• Network Penetration/Testing and Ethical Web Hacking
  Hands-on laboratory experiences will focus on:
  • Mapping the web application
  • Code injection (SQL, operating system command) attacks
  • Cross-site scripting (XSS) attacks
  • Cross-site request forgery (CSRF) attacks
  • File upload attacks (web shells to remotely control a machine via the web)
  • How to prevent these attacks!
  • All the tools & techniques necessary to complete the attacks
  • A single virtual machine to use throughout the day with all the applications, tools, and scripts!
  • PowerPoints and lab manual available

• Digital Forensics
  With today’s quickly changing technologies it is inevitable that organization will deal with cybercrime; including fraud, insider threats, industrial espionage, and phishing. To help investigate these situations, administrators with digital forensic knowledge are in demand. This session will introduce core Windows Operating System artifacts that digital forensic analysts use in their investigations. You will learn how computer forensic analysts focus on collecting and analyzing data from computer systems to track user-based activity that can be used in internal investigations or criminal/civil litigation.

• Data Privacy Laws
  Must know laws and regulations to maintain compliance

• CyberCrime and the Dark Web
  Key strategies to protect your bank from criminals and bad actors

NOTE: The Bank Technology Security School provides up to 4 hours of advanced placement credit toward several professional certifications available through the SBS Institute. For specifics, please contact SBS as they approve the credits toward these certifications.