New Incident Notification Requirements
Justin Muscolino brings over 20 years of wide-ranging experience in compliance, training, and regulation in the financial services sector. Most recently, he served as Head of Compliance Training at Bank of China where he led the compliance training function and created and monitored the annual training plan through a thorough training needs analysis. Previously he served as Macquarie Group’s Head of Americas Compliance Training and JPMorgan Chase’s Compliance Training Manager. Justin also worked for FINRA, a US regulator, where he created Examiner University to train examiners on how to perform their function.
Serious financial damage has been caused by security breaches, but because there is no standard model for estimating the cost of an incident, the only data available is that which is made public by the organizations involved. This webinar will focus on the type of breaches and how to prevent them.
- FDIC, OCC, and Federal Reserve New Requirements
- Necessary Plan Updates to comply
- General Regulatory Review
- Business Continuity Implications
- Lessons Learned from Breaches
Course Level - All
Who Should Attend
Anyone in corporate.
Why Should You Attend
Join us in this webinar to learn about the requirements around this new rule and to review the core components of an Incident Response Plan. We will highlight other regulatory requirements for you to address, lessons learned from real-world breaches, general components of an Incident Response Plan with specific procedures for DDOS, malware, ransomware, CATO, and unauthorized access incidents. We also will address the importance of incorporating forensic analysis procedures into your standard procedures to better address emerging threats and decrease your liability.
Federal Regulators have issued a final rule that requires financial institutions to notify their primary federal regulator of any “computer-security incident” that rises to the level of a “notification incident,” as soon as possible and no later than 36 hours after the banking organization determines that a notification incident has occurred. There are also requirements for third parties to notify financial institutions regarding security incidents they are experiencing.