NYLIB’s Cybersecurity Panel Discussion last Thursday, March 31 at the St. Cloud Rooftop Bar was a tremendous success.

Keynote Speaker

Our keynote speaker, GroupSense CEO Kurtis Minder, delivered a presentation that was filled with useful information on topics like the steps that banks can take to prevent cyberattacks, the importance of reviewing cybersecurity insurance policies, and lining up cybersecurity and legal professionals in advance of an attack, and the need to print out hard copies of important electronic documents, such as incident response plans, to prevent such documents from being rendered inaccessible at exactly the wrong time by a ransomware attack. Mr. Minder also touched on techniques for negotiating with ransomware attackers and the importance of letting an experienced professional handle such negotiations. Mr. Minder, who earlier on Thursday had testified before the Senate Committee on Homeland Security, was profiled last year in a New Yorker article entitled “How to Negotiate with Ransomware Hackers.”  

Regulatory Panelists

Our regulatory panel was capably moderated by John Verry of PivotPoint Security. We were honored that Jessica Kaemingk (Deputy Regional Director, FDIC), Jason Kang (National Bank Examiner and Bank Information Technology Specialist, OCC), and Danny Brando (Financial Institution Cybersecurity Policy Department Head, Supervision Group, Federal Reserve Bank of New York) joined us via Zoom. And we were both honored and delighted that Justin Herring (Executive Deputy Superintendent Cybersecurity Division, NYSDFS) was able to join us in person.

Key Takeaways

The regulators, who each spoke in their personal rather than official capacities, provided information and pointed to guidance regarding threats arising from the current geopolitical situation. They emphasized the importance of robust incident response and business continuity plans that specifically address cybersecurity risks and disruptions. They further emphasized that banks should account for the possibility of disruptions to third-party service providers in their business continuity plans. They commented on the importance of a strong board-level commitment to cybersecurity, as well as ways that chief information security officers (CISO) and other cybersecurity professionals can engage bank boards on the critical topic of cybersecurity.

Considerations for Banks & Financial Institutions

The federal regulators spoke regarding the impetus for the new federal interagency rule requiring banks to promptly report computer-security incidents reaching a certain materiality threshold to regulators and requiring bank service providers to do the same with respect to banks. They commented on the materiality standard under the new rule, and Mr. Herring also provided valuable insights regarding the standard for materiality under the New York State Department of Financial Services’ Part 500.

Here’s a word from Ed Lutz, the President of the New York League of Independent Bankers (NYLIB).

Here’s a word from Pinchus Raice, the co-founder and a Board Member of NYLIB, as well as a partner and co-chair of the Financial Institutions practice group at Pryor Cashman LLP.

Upcoming Events

The NYLIB team is thrilled that we were able to provide an opportunity to bring our colleagues together to explore key issues of importance to members of the banking industry. Our organization’s mission is to provide a forum for networking and education.

As we continue planning events and meetings, NYLIB is open to any suggestions on topics or issues that are of interest to the community and foreign banks in the tri-state area. Don’t forget to subscribe to our mailing list below, to stay informed on news and upcoming events.

Memorable Moments

Please enjoy more memorable moments from our Cybersecurity Panel Discussion here. We encourage you to download your favorite moments and share them on LinkedIn. Don’t forget to tag the New York League of Independent Bankers (NYLIB)!

Previous Events