oprisk north america advisory board cyber risk north ... › wp-content › uploads › 2018 › 05...

JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!

www.slido.com #OPRISKNA2017 www.slido.com #CYBERNA2017

19th annual OpRisk North America 14-15 March 2017 Marriott Marquis, New York

OPRISK NORTH AMERICA ADVISORY BOARD Meet the OpRisk North America Advisory Board. These industry professionals have volunteered their time and effort to help develop our OpRisk North America conference. Their dedication is critical to the success of the event and ensuring high-level quality content is provided to attendees. Our esteemed advisors are:

Chair: Alexander Campbell, Divisional Content Editor, RISK.NET

Graeme Farrell, Global Head, Operational Risk Management Framework, JP MORGAN CHASE

Aengus Hallinan, Managing Director, Head of Operational Risk Management for the Americas and Global Markets, CREDIT SUISSE

Deborah Hrvatin, Managing Director, Head of Operational Risk Management Americas, DEUTSCHE BANK

Jodi Richard, Head of Op Risk, US BANK

Kathleen M Stack, SVP, Operational Risk, HSBC NORTH AMERICA

Lori Miller, Managing Director, Head of Operational Risk, Investments, AIG

3rd annual Cyber Risk North America 14-15 March 2017 Marriott Marquis, New York

CYBER RISK NORTH AMERICA ADVISORY BOARD Meet the Cyber Risk North America Advisory Board. These industry professionals have volunteered their time and effort to help develop our Cyber Risk North America conference. Their dedication is critical to the success of the event and ensuring high-level quality content is provided to attendees. Our esteemed advisors are:

Chair: Alexander Campbell, Divisional Content Editor, RISK.NET

Jack Freund, Senior Manager, Cyber Risk, TIAA-CREF

Henry Jiang, Chief Information Security Officer (CISO), OPPENHEIMER AND COMPANY

Michael Woodson, Former Information Systems Security Dir; Adjunct Professor, NORTHEASTERN UNIVERSITY

Peter Keenan, Chief Information Security Officer (CISO), LAZARD

http://www.oprisknorthamerica.com/static/home

http://www.cyberrisknorthamerica.com/static/home

http://www.cyberrisknorthamerica.com/static/home


www.slido.com #OpRiskNA www.slido.com #CyberRiskNA

WORKSHOPS

Pre conference workshops: 13th March 2017

Post conference workshops: 16TH March 2017

Workshop 1: Future of operational risk modeling post AMA Sessions by: Marco Migueis, Principal economist- Banking Supervision and Regulation, FEDERAL RESERVE BOARD Robert Stewart, Economist, FEDERAL RESERVE BANK OF CHICAGO Dr. Gareth W. Peters, Assistant Professor- Department of Statistical Science, UNIVERSITY COLLEGE LONDON Ruben D. Cohen, Independent Consultant Diane R. Maurice, Techncial Advisor- Office of Technical Assistance - International Banking, US DEPARTMENT OF TREASURY

Workshop 3: Forecasting and minimizing operational risk losses Sessions by: Jitendra Rathod, Senior Examiner, FEDERAL DEPOSIT INSURANCE CORPORATION (FDIC) Richard Cech, Senior Bank Examiner, Operational Risk Governance, Financial Institution Supervision Group, FEDERAL RESERVE BANK OF NEW YORK Muffasir Badshah, FEDERAL RESERVE BANK OF CHICAGO Robert Stewart, Economist, FEDERAL RESERVE BANK OF CHICAGO Gus Ortega, Head of Corporate Operational Risk Management, AIG

Workshop 2: Conduct risk- Fixing the systems Sessions by: Rajat Baijal, Head of Enterprise Risk, CANTOR FITZGERALD Anne Searle, Lecturer, UNIVERSITY OF WASHINGTON

Workshop 4: CCAR - a powerful business and risk management tool Sessions by: Filippo Curti, Financial Economist, Quantitative Supervision and Research, FEDERAL RESERVE BANK OF RICHMOND Michael Barton, Director of Operational Risk Quantification and Scenario Analysis, CCAR/EC, AIG



MAIN CONFERENCE PROGRAM

Day One: 14TH March 2017

8:00am Registration and refreshments

8:50am WELCOME REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET *Interactive Audience Poll via Sli.do Vote live to generate real time content #OpRiskNA

WELCOME REMARKS: Michael Woodson, Former Information Systems Security Dir; Adjunct Professor, NORTHEASTERN UNIVERSITY *Interactive Audience Poll via Sli.do Vote live to generate real time content #CyberRiskNA

8:55am

KEYNOTE ADDRESS: The U.S. Treasury CRO’s perspective on operational risk Ken Phelan, Chief Risk Officer, U.S. DEPARTMENT OF THE TREASURY

KEYNOTE ADDRESS: Cyber risk- a clear and present danger James Brenneman, Assistant to the Special Agent in Charge, US SECRET SERVICE

9:25am

SPOTLIGHT ON: Bank of the Year- UBS

Then and now

What are the benefits of merging operational risk and compliance functions? What were the obstacles faced?

How to establish a firm-wide risk taxonomy

The need to revamp risk and control assessments

Deterring internal misconduct and monitoring employee behaviour James Oates, Global Head of Compliance & Operational Risk Control, UBS

SPOTLIGHT ON: The buy-side perspective: Cyber security risk identification and management

Cyber security response protocols

Emerging cyber threats: evaluating their magnitude and complexity

How to reverse stress test for cyber security Robert Rupp, Executive Vice President and Chief Risk Officer, THE HARTFORD

9:55am

REGULATORY KEYNOTE ADDRESS: Operational risk at a crossroad- The regulator’s view REGULATORY KEYNOTE ADDRESS



Thomas Ferlazzo, Senior Vice President, Supervision Group- Operational Risk, FEDERAL RESERVE BANK OF NEW YORK

10:25am

KEYNOTE PANEL: The changing operational risk function

How can operational risk add value to the front office? Has operational risk management moved to a decentralized model?

Defining and measuring your firms risk culture and looking at the role of supervisor

Delving into the SMA: What has changed? Why have the changes occurred? How has the industry responded?

Lisa Broomer, Global Head of Operational Risk, JP MORGAN CHASE Megumi Nishikawa, Director- Operational Risk, OFFICE OF THE SUPERINTENDENT OF FINANCIAL INSTITUTIONS (OSFI) CANADA Paulomi Shah, Head of Operational Risk, Global Banking and Markets, BANK OF AMERICA MERRILL LYNCH Neil Roth, Head of Operational Risk Governance for Combined U.S. Operations, RBC *Audience Q&A Submit your questions via sli.do

CISO PANEL: Preventing another Swift attack

How to avoid phishing and malware?

Which payments systems are likely to be targeted next and how to prepare for it

Regulatory probe into vulnerabilities, processes, encryption and technological controls

Evaluating remediation plans?

What metrics and data should be presented to the board and senior management?

Moderator: Michael Woodson, Former Information Systems Security Dir; Adjunct Professor, NORTHEASTERN UNIVERSITY Michael Leking, Business Information Security Officer, US BANK Sheldon Cuffie, CISSP, VP & Chief Information Security Officer, NORTHWESTERN MUTUAL Peter Keenan, Chief Information Security Officer (CISO), LAZARD Shelbi Rombout, Senior Vice President - Deputy Chief Information Security Officer, MASTERCARD

11:10am Morning coffee and networking break

STREAM 1: Regulation and compliance

STREAM 2: Practice and risk management

STREAM 3: Threats and risks

PANEL DISCUSSION: Quantifying cyber risk exposure

Using the standard Factor Analysis of Information Risk (FAIR) model for risk quantification and analysis

11:40am CHAIR'S OPENING REMARKS CHAIR'S OPENING REMARKS Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS

CHAIR'S OPENING REMARKS Heyna Deepa Patel, Senior Vice President, Senior Segment Risk Manager, THE HUNTINGTON NATIONAL BANK



11:45am

LIVE INTERVIEW: The road to better risk data governance-BCBS 239

The Fed’s approach of incorporating BCBS 239 into CCAR

How can banks use the regulation to gain a competitive advantage?

What BCBS 239 compliance challenges are IT infrastructure and frameworks facing?

Frederick Spencer CGEIT, ICBRR, US Chief Data Risk Officer, SOCIÉTÉ GÉNÉRALE Virginia Opacki, Director, BNY MELLON Philip Petrosky, Head of US Risk Data Governance, DEUTSCHE BANK

PRESENTATION: Building a holistic ORM program —including dynamic and insightful risk reporting

How to create a culture of collaboration across the lines-of-defense

Composing malleable and relevant risk taxonomies

Establishing influential data outcomes

Ladd Muzzy, Principal, NASDAQ BWISE

PRESENTATION: Assessing emerging risks and their impact on ORM

How do you identify emerging risks?

What are the tools and techniques used to gauge exposures and vulnerabilities?

Examining how to treat causes over symptoms

Brenda Boultwood, Senior Vice President of Industry Solutions, METRICSTREAM

Putting a price tag on enterprise-wide loss exposure

Justifying the value of cybersecurity to management and the board

Jack Freund, Senior Manager, Cyber Risk, TIAA-CREF Jack Jones, EVP Research & Development, RISKLENS Henry Jiang, Chief Information Security Officer (CISO), OPPENHEIMER AND COMPANY

5 min intermission allowing participants to change streams

12:20pm

PANEL DISCUSSION: Stress testing

How have banks faired on their stress tests on the three Fed-defined scenarios – baseline, adverse, and severely adverse?

PANEL DISCUSSION: Scenario analysis

How will the role of scenario analysis change in the quantification of operational risk under SMA?

PANEL DISCUSSION: Managing third party risk

How do firms approach third party risk?

What are the expectations around internal BCP for vendor outage?

Ensuring the first line of defence understands third

PANEL DISCUSSION: Measuring the impact of cyber security breach and managing cyber risk

The cost of business interruption

Reputational damage and legal costs associate with theft of customer information

The growing trend of cyber liability insurance

Building robust business continuity and disaster recovery plans



How can banks mitigate qualitative objections for Comprehensive Capital Analysis and Review (CCAR)?

What is the impact of introducing SMA on CCAR/ICAAP?

Helping foreign banks prepare for 2017 CCAR submissions

How does CCAR become embedded in your risk management process? How foreign banks need to follow suit from US banks

Lourenco Miranda, Managing Director, Head of CCAR, SOCIÉTÉ GÉNÉRALE CORPORATE AND INVESTMENT BANKING Gordon G Liu, EVP US Head of Global Risk Analytics, HSBC NORTH AMERICA Kresimir Marusic, Managing Director, US Financial Planning and Stress Testing Lead, DEUTSCHE BANK

How can scenario analysis and data capture mitigate risk?

Michael Barton, Director of Operational Risk Quantification and Scenario Analysis, CCAR/EC, AIG Patrick Naim, CEO, ELSEWARE Ni Kenney, Director - Operational Risk AMA Framework, Governance, Capital & CCAR, CAPITAL ONE

party risk, builds adequate monitoring and escalates out-of-tolerance metrics in a "standard" manner

How to evaluate country and economic risk for offshore vendors

How to detect vendor fraud?

Yakut Akman, Chief Third Party Management Officer, CITI Brian Neary, Vice President, Chief Operational Risk Officer, THE HARTFORD Joe Peddle, Third Party Risk Leader, SVP Operational Risk, GE CAPITAL Gayle Woodbury, CIA, CISA, CCSA, CTPRP, Managing Director, CROWE HORWATH

What type of data is needed for managing this risk?

Moderator: Alexander E. Abramov, Markets – Information Risk, THE BANK OF NEW YORK MELLON Henry K. Fu, MBA, CIA, CISA, CISM, FLMI, Director – Enterprise Risk Management, FIDELITY & GUARANTY LIFE Ryan E. Bateman, Director- Technology, SANDS CAPITAL MANAGEMENT

1:00pm Lunch and networking break

2:00pm

SPOTLIGHT ON: Integrating AMA models with other risk management goals

CASE STUDY: Effective operational risk management at

PRESENTATION: Managing operational risk losses

PRESENTATION: Risk in mobility

Insider Threat: Data exfiltration

Evaluating the risks associated with:



How to use AMA to model individual events of greatest concerns?

Can AMA be used towards creating a sustainable RCSA?

Evaluating the future of operational risk modeling: Will banks be able to use current oprisk models? How will models evolve under the SMA framework?

With the AMA accommodating towards political upheaval, will the SMA follow suit and ease political risk for banks?

the Insurer of the Year- MassMutual

Then and now

Use of GRC tools and techniques to inform operational risk management

How to use your GRC tool across various business lines and to uniformly respond to regulators

The benefits of customising your risk register or taxonomy

Brad Hoffman, Senior Vice President - Enterprise Risk and Actuarial, MASSACHUSETTS MUTUAL LIFE INSURANCE

Lessons learnt from internal and external events

Importance of boundary events and how to identify them

o Bring your own device (BYOD) o Contingent workers


2:35pm

SPOTLIGHT ON Dimitris Bartzilas, Head of ORM Capital, CREDIT SUISSE

LIVE INTERVIEW: Financial crime- Convergence of AML and fraud to achieve greater effectiveness and efficiency

Examining the benefits of the convergence of fraud and AML and the main obstacles in the convergence

LIVE INTERVIEW: Terrorism and physical security- the impact on business continuity

How do banks adapt to terrorist attacks? How does crisis management in banks need to adapt?

How to ensure your people and operations are safe? Does physical

LIVE INTERVIEW: Cyber as a subset of operational risk

Can information security use the same op risk framework? Will existing taxonomies and risk registers used to classify op risk losses suffice?

Moving away from unsupported legacy systems to established taxonomies that bridge the gap between technology specialists and risk professionals

Robert J. Gerden, SVP, Risk & Compliance, Enterprise Global Services, WELLS FARGO



How to successfully implement a unified case management system for both departments without necessarily combining the investigation teams

Crossing silos to centralise data collection to enable real-time analysis for AML and fraud without duplication

How to use flexible platforms that support different business models for AML and fraud co-existence to better understand a customer’s behaviour

McHenry Kane, Group Vice President, AML/BSA Strategies and Planning, SUNTRUST BANK Peter Warrack, Director AML FIU, BMO FINANCIAL GROUP Lester Joseph, SVP, Manager- Global Financial Crimes Intelligence Group, WELLS FARGO

security need to be revamped?

Janet Lerch, Chief Continuity and Technology Risk Officer, U.S. BANK Ihab Dana, CBCP, Head of Business Continuity Management US, RBC

Neil Datta, Director- Head of Operational Risk, OPTIMA FUND MANAGEMENT Derek Baumer, Managing Director, Enterprise Risk Management, STATE STREET

3:05pm Afternoon coffee and networking break

3:30pm

GUEST ADDRESS: Cross industry operational and cyber risk learnings

How is risk culture embedded in the organisation?



What's your organisations approach for setting risk appetite?

What approach do you use to quantify operational/cyber risk?

Preventing reputational ruin Franklin Donahoe, Chief Information Security Officer- Global Information Security Office, MYLAN *Audience Q&A Submit your questions via sli.do

4:00pm

ALL-STAR PANEL: The “new normal”: Convergence of operational and cyber security risk

Expanding operational risk to include cyber security risks

Revamping the ERM strategy: How can aligning fraud, IT, cyber security and operational risk management help join the dots?

Updating the three lines of defence to align board-level risk appetite

Crossing silos to foster knowledge sharing and cooperation Moderator: Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS Ted Bruntrager, Global Head of Operational Risk Management, MANULIFE Jodi Richard, Head of Op Risk, U.S BANK John J. Doherty, Partner, Information Technology Advisory Services, EY Randy Miskanic, Americas Regional Head, Group Information Security Office, UBS *Audience Q&A Submit your questions via sli.do

4:45pm

CHAMPAGNE ROUNDTABLES: Bring your questions, leave with your answers! From session to roundtable- Take the day’s most contentious issues and fully engage with your peers in small interactive roundtable discussions to drill down, share best practice and take away diverse approaches to the same challenge from your fellow industry peers.

Roundtable 1: Regulation

Roundtable 2: AML, CTF and sanctions compliance

Roundtable 3: Cyber risk and data security

Roundtable 4: Geopolitical risks

Roundtable 5: Outsourcing

Roundtable 6: Conduct risk

Roundtable 7: Organisational change

Roundtable 8: IT failure



Roundtable 9: Fraud

Roundtable 10: Physical attack

Roundtable 11: Convergence of operational and cyber risk

Roundtable 12: The impact of fintech and innovation on operational risk

Roundtable 13: 3LODs

5:30pm CHAIR'S CLOSING REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET

5:35pm Networking drinks reception- Hosted by EY

7:00pm Private dinner- Invite only

Day Two: 15TH March 2017

VIP BREAKFAST BRIEFING: Hosted by IBM Invite only 07:30 Registration and refreshments

08:00 OPENING ADDRESS

08:10 ROUNDTABLE: Using cognitive computing to streamline regulatory compliance

The limitations of human resources in dealing with multiple regulatory compliance projects

The potential of cognitive computing to bring efficiencies to regulatory compliance

The challenges in gaining broader industry acceptance of the use of cognitive computing

Joseph W Lodato, Global Head of Compliance Technology and Surveillance, GUGGENHEIM PARTNERS Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS John Sabath, Vice President, Regulatory & Operational Risk, GE CAPITAL Viktor Grinberg, Head of Compliance and Regulatory Technology, US, DEUTSCHE BANK



8:30am Registration and refreshments

9:05am CHAIR'S OPENING REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET CHAIR'S OPENING REMARKS

9:15am

KEYNOTE ADDRESS: Supervision in a new era Maryann Hunter, Deputy Director- Division of Banking Supervision and Regulation, BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM *Audience Q&A Submit your questions via sli.do

KEYNOTE ADDRESS *Audience Q&A Submit your questions via sli.do

9:50am

KEYNOTE PANEL: Digital disruption in the financial markets and its impact on operational risk

What's the Chief Operational Risk Officers view of fintech and innovation? Is it added complexity or added security?

Understanding how banks need to adapt oversight, processes and tools to support real time digital innovation

Digital disruption and innovation in banking- What are the emerging risks and how does it impact operational risks?

Deborah Hrvatin, Managing Director, Head of Operational Risk Management Americas, DEUTSCHE BANK Aengus Hallinan, Managing Director, Head of Operational Risk Management for the Americas and Global Markets, CREDIT SUISSE Beth Rudofker, Global Head of Operational Risk Management, CITI *Audience Q&A Submit your questions via sli.do

SPOTLIGHT ON: Emerging cyber regulation- A second and third line of defense perspective

More prescriptive guidance

New paradigm for risk management and audit

Enhanced board and executive management expectations

PART I

PRESENTATION

PART II

LIVE INTERVIEW Mahi Dontamsetti, SVP & Chief Technology Risk Officer (CTRO), STATE STREET CORPORATION Art Ackerman, SVP & Head of IT Audit, STATE STREET CORPORATION *Audience Q&A Submit your questions via sli.do

10:35am Morning coffee and networking break



STREAM 1: OpRisk losses and modeling

STREAM 2: ORM STREAM 3: The future of OpRisk

PRESENTATION Nicole Eagan, CEO, DARKTRACE

11:05am CHAIR'S OPENING REMARKS CHAIR'S OPENING REMARKS Gus Ortega, Head of Corporate Operational Risk Management, AIG

CHAIR'S OPENING REMARKS

11:10am

PRESENTATION: Harnessing a healthy risk culture to prevent operational risk losses

Learning from the recent million dollar settlement

Setting controls in place to prevent customer identity theft and set up of ghost accounts

Deseeding poisonous bonus driven employee culture

PRESENTATION: The role of creativity in ORM

The evolving face of operational risk management

The role of creativity

Emerging risks or converging risks?

Aengus Hallinan, Managing Director, Head of Operational Risk Management for the Americas and Global Markets, CREDIT SUISSE

PRESENTATION: Big data-an emerging risk or opportunity?

How to keep up with the growing demands for quicker and more detailed risk intelligence, based on the processing of ever-growing volumes of data

How can data be controlled, efficiently delivered and kept transparent and auditable?

Why is big data being considered a threat to the industry?

Bala Ayyar, Managing Director, Chief Data Officer - Americas, SOCIÉTÉ GÉNÉRALE


11:45am

PANEL DISCUSSION: Types of operational risk models

PANEL DISCUSSION: Risk appetite and KRIs

AUTHOR’S PANEL: The future of operational risk standards

PANEL DISCUSSION: Cloud security

Evaluating cloud security threats: Loss or theft of intellectual property, Loss of control over end user actions



LDA, regression, scenario, and other models

Evaluating model adequacy

Integrating models with risk management and regulatory requirements

Marco Migueis, Principal economist- Banking Supervision and Regulation, FEDERAL RESERVE BOARD Tonia Durfee, Director ORM Capital, CREDIT SUISSE Filippo Curti, Financial Economist, Quantitative Supervision and Research, FEDERAL RESERVE BANK OF RICHMOND

Should the RAS be the first source of top-down KRIs?

Are resources that calculate op risk capital that's more quant related different than RCSA resources that's more qualitative?

Can the risk appetite level and the tolerance level be at the same point?

Operating outside of the appetite

Setting KRIs for reputational risk and conduct risk?

Moderator: Gus Ortega, Head of Corporate Operational Risk Management, AIG Richard Cech, Senior Bank Examiner, Operational Risk Governance, Financial Institution Supervision Group, FEDERAL RESERVE BANK OF NEW YORK Karthik Ramakrishnan, Senior Manager- Financial Services Risk Management, EY Graeme Farrell, Global Head, Operational Risk Management Framework, JP MORGAN CHASE

New Paradigm in Operational Risk Management

Shift in Risk Management Infrastructure

Links to operational risk and macroeconomic/macro-prudential management

FinTech and New Operational Risk Challenges - Beyond Cyber Protections

Moderator: Diane R. Maurice, Technical Advisor- Office of Technical Assistance - International Banking, US DEPARTMENT OF TREASURY Prasad Kodali, Head of Operational Risk, CIT GROUP Rajat Baijal, Head of Enterprise Risk, CANTOR FITZGERALD Jack Freund, Senior Manager, Cyber Risk, TIAA-CREF

Investigating the risk of cloud services

The insider threat of Bring Your Own Cloud (BYOC)

Moderator: Michael Woodson, Former Information Systems Security Dir; Adjunct Professor, NORTHEASTERN UNIVERSITY Peter Keenan, Chief Information Security Officer (CISO), LAZARD John Polis, Chief Operating & Technology Officer, STAR MOUNTAIN CAPITAL

12:30pm Lunch and networking break



1:30pm

LIVE INTERVIEW: Preventing fraud

Moving away from the siloed approach to real time identification and prevention

Has insider fraud been trumped by online fraud?

Examining the interaction of internal and external fraud

How to data mine for internal and external fraud- what are the current trends and techniques?

The rise of application fraud

Moderator: Lori Miller, Managing Director, Head of Operational Risk, Investments, AIG Robert J. Gerden, SVP, Risk & Compliance, Enterprise Global Services, WELLS FARGO

LIVE INTERVIEW: Evaluating operational risk in buyside firms and banks

What kind of event type structure needed in each of these firms?

Will event and taxonomy structure look similar?

Integrated GRC programs for oprisk

LIVE INTERVIEW: Conduct risk

What are the drivers of conduct risk

Evaluating the way major banks approach conduct risk

What are the metrics used to monitor conduct exposures?

Fenton Aylmer, MD, Head of Operational Risk, CITI Jitendra Rathod, Senior Examiner, FEDERAL DEPOSIT INSURANCE CORPORATION (FDIC) Vincent R. Pinelli, Managing Director, COO & Head of Audit OPS, MUFG UNION BANK

WAR GAMES: Responding to a cyber security breach Simulation of 3 cyber breaches: phishing, malware and insider threat

Hierarchy of response- who are the 1st and 2nd responders?

How will C-level executives report back to the board?

The role of cyber risk practitioners to patch up the breach

Op risk managers and getting systems and servers back up

Evaluating reputational damage

Handling PR communications


2:10pm

SPOTLIGHT ON: Risks and opportunities in 2017 from a front office perspective

PRESENTATION: The invisible ORM

PRESENTATION: Thinking beyond conventional GRC

PRESENTATION: Cyber risk and its impact on business continuity

Evaluating communications role in BCP: internal and external



2017 is shaping up to be a year of many changes and much uncertainty. This keynote address will delve into several risks that front offices will likely be exposed to in the New Year and the business and investment opportunities that may exist as a result.

Market risks

Geopolitical risks

Tweet risks

Regulation risks

Technology risks

Cybersecurity risks Kevin D. Mahn, President & Chief Investment Officer, HENNION & WALSH ASSET MANAGEMENT

How can ORM embed itself in existing business processes?

What kind of information/ metrics are required from the ORM function, other than loss reporting data?

Should ORM test controls to determine effectiveness or should this solely be the job of Audit and/or Compliance?

Daniel McKinney, Partner, Financial Services Organization, EY

Examining the significance for GRC in today’s business

Why should firms invest on next-generation GRC technology?

What are the trends in GRC technology and key drivers for GRC in the market?

Integrating policy management, vulnerability risk management and content library

Marshall Toburen, GRC Strategist, RSA

Inviting vendors into the BCP exercises

Testing third party BCPs

Involving op risk on the BCP event board

2:35pm Afternoon coffee and networking break

3.05pm

ALL-STAR PANEL: Redefining the 3 LODs across op risk and cyber risk

If 2LOD is supposed to be the police within the organization, is the 3LOD the judge?

How best should the 1LOD demonstrate their value to the businesses they support?

Ensuring the 1LOD and 2LOD safeguard information security

How to address the potential redundancy of testing across the 3LOD?

How much controls testing does the 2LOD execute? Does it vary for IT vs other control types?

How to enhance the communication between the 1st and the 2LOD for more effective op risk and cyber risk management?

Is it common to have a "1.5" LOD that links the risk management activities in the 1LOD with the 2LOD?

Do we need a 4LOD? Carrie M. Barranca, Head of Audit, Operational Risk, STANDARD CHARTERED Bob Agan, SVP, Director of Enterprise Risk Management, OPPENHEIMERFUNDS Kathleen M Stack, SVP, Operational Risk, HSBC NORTH AMERICA Glenn H. Hursh, Managing Director, KPMG



*Audience Q&A Submit your questions via sli.do

3:50pm

GUEST ADDRESS: The FBI on Wall Street - The 1LOD perspective for compliance and operational risk The inside story of “Tipper X” - how a former hedge fund analyst became one of the most prolific FBI informants in securities fraud history Tom Hardin (Tipper X), The FBI's most productive cooperating witness in Operation Perfect Hedge *Audience Q&A Submit your questions via sli.do

4:20pm CHAIR'S CLOSING REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET

4:30pm End of conference

oprisk north america advisory board cyber risk north ... › wp-content › uploads › 2018 › 05...

Documents