John Sileo offered real-life perspective on the issue
of identity theft in Tuesday's keynote address.
- Proimages photo
Feb. 27, 2013 – Credit unions learned how to protect their members from fraud, cybercrime and online threats during opening-day sessions at the NAFCU Technology and Security Conference in Austin, Texas.
Keynote speaker John Sileo has experienced first-hand the frustration and loss associated with identity theft. In Tuesday's opening session, Sileo talked about how to overcome obstacles to data privacy, how to "think like a spy" and apply espionage techniques to the credit union's data protection efforts, top five social engineering triggers and how to defeat them and, among other things, how to perform risk-scenario training.
In Website Down – Prepare and React to a DDoS Attack, representatives of University FCU discussed their recent experience with the type of distributed-denial-of-service attack that for the most part have targeted large banks. During this luncheon address, credit union Vice President and CIO Steve Ewers, Senior Manager of IT Edward Christians and Manager of Infrastructure and Security Glen Roberts talked to conference attendees about the first steps they took, defensive measures the credit union had in place, how they managed reputation risk and how they ensured member information was safe and secure.
Also speaking were:
- RISC Services Manager Tyler Leet, who delved into case studies of social engineering attacks and different incident response steps;
- Gregory Ogorek of Cyveillance Inc. (a NAFCU Services Preferred Partner) on how to prevent online impersonation when on Facebook and other social media sites; and
- Randall Romes, computer and network security consultant, on fraud, hacking and insider activity, and ways to prevent risks.
Conference participants capped off the day with a networking event at Maggie Mae's, the cornerstone for live music in the heart of Austin's historic entertainment district.
The Technology and Security conference resumes today with sessions on how to balance fraud prevention with other operational concerns; data loss prevention; preventing security breaches; and using technology to improve members’ experience.