NYLIB’s Cybersecurity Panel Discussion last Thursday, March 31 at the St. Cloud Rooftop Bar was a tremendous success.

Keynote Speaker

Our keynote speaker, GroupSense CEO Kurtis Minder, delivered a presentation that was filled with useful information on topics like the steps that banks can take to prevent cyberattacks, the importance of reviewing cybersecurity insurance policies, and lining up cybersecurity and legal professionals in advance of an attack, and the need to print out hard copies of important electronic documents, such as incident response plans, to prevent such documents from being rendered inaccessible at exactly the wrong time by a ransomware attack. Mr. Minder also touched on techniques for negotiating with ransomware attackers and the importance of letting an experienced professional handle such negotiations. Mr. Minder, who earlier on Thursday had testified before the Senate Committee on Homeland Security, was profiled last year in a New Yorker article entitled “How to Negotiate with Ransomware Hackers.”  

Regulatory Panelists

Our regulatory panel was capably moderated by John Verry of PivotPoint Security. We were honored that Jessica Kaemingk (Deputy Regional Director, FDIC), Jason Kang (National Bank Examiner and Bank Information Technology Specialist, OCC), and Danny Brando (Financial Institution Cybersecurity Policy Department Head, Supervision Group, Federal Reserve Bank of New York) joined us via Zoom. And we were both honored and delighted that Justin Herring (Executive Deputy Superintendent Cybersecurity Division, NYSDFS) was able to join us in person.

Key Takeaways

The regulators, who each spoke in their personal rather than official capacities, provided information and pointed to guidance regarding threats arising from the current geopolitical situation. They emphasized the importance of robust incident response and business continuity plans that specifically address cybersecurity risks and disruptions. They further emphasized that banks should account for the possibility of disruptions to third-party service providers in their business continuity plans. They commented on the importance of a strong board-level commitment to cybersecurity, as well as ways that chief information security officers (CISO) and other cybersecurity professionals can engage bank boards on the critical topic of cybersecurity.

Considerations for Banks & Financial Institutions

The federal regulators spoke regarding the impetus for the new federal interagency rule requiring banks to promptly report computer-security incidents reaching a certain materiality threshold to regulators and requiring bank service providers to do the same with respect to banks. They commented on the materiality standard under the new rule, and Mr. Herring also provided valuable insights regarding the standard for materiality under the New York State Department of Financial Services’ Part 500.

Here’s a word from Ed Lutz, the President of the New York League of Independent Bankers (NYLIB).

Here’s a word from Pinchus Raice, the co-founder and a Board Member of NYLIB, as well as a partner and co-chair of the Financial Institutions practice group at Pryor Cashman LLP.

Upcoming Events

The NYLIB team is thrilled that we were able to provide an opportunity to bring our colleagues together to explore key issues of importance to members of the banking industry. Our organization’s mission is to provide a forum for networking and education.

As we continue planning events and meetings, NYLIB is open to any suggestions on topics or issues that are of interest to the community and foreign banks in the tri-state area. Don’t forget to subscribe to our mailing list below, to stay informed on news and upcoming events.

Memorable Moments

Please enjoy more memorable moments from our Cybersecurity Panel Discussion here. We encourage you to download your favorite moments and share them on LinkedIn. Don’t forget to tag the New York League of Independent Bankers (NYLIB)!

Previous Events

NYLIB held a Banking Conference on May 12, 2017 at the TKP New York Conference Center. The conference discussed important topics affecting community bankers in the tri-state area and featured multiple notable speakers including:

Judy Selby, Senior Advisor at Hanover Stone Partners and former National Lead of Cyber Insurance & Data Privacy at BDO Consulting. Ms. Selby has been hailed as “one of the premier voices in legal technology” by Legaltech News, and consults with clients on cyber insurance, cybersecurity, information governance, data privacy and complex insurance matters.  Ms. Selby presented on New York’s recently adopted cybersecurity regulation, Part 500, giving advice about how bankers might approach compliance with the rule, and manage risks related to the same.

Jeffrey Alberts, Partner and Co-Head of Pryor Cashman LLP’s Financial Institutions Group and former Assistant United States Attorney for the Southern District of New York. Mr. Alberts’ practice focuses on government investigations and related regulatory proceedings, asset-forfeiture litigation, victims’ rights representation, and complex civil and commercial litigation. 

Asaad Faquir, Director of Compliance at RSK Compliance Solutions. Mr. Faquir has a wide range of experience in regulatory compliance, business process improvement, and risk management in the banking and finance industry, and is an active compliance educator and trainer through a variety of outlets, including the RSKonnect Webinar Series, BankWebinars.com, and Atlantic Community Bankers Bank (ACBB) “Compliance Anchor.” 

Mr. Alberts and Mr. Faquir shared an in-depth look into New York’s recently adopted transaction monitoring and filtering regulation, Part 504, and set forth potential solutions for compliance with the regulation from both legal and compliance perspectives.

Thank you to BDO for sponsoring this event, as well as all those who spoke or were in attendance, for making NYLIB’s First Annual Conference a huge success!