2025 ISO-Information Security RAP

Beyond the Cybersecurity Assessment Tool: Leveraging Security Frameworks to Strengthen your Financial Institution

The Community Bankers of Georgia, in collaboration with Hark Advisors, is proud to continue offering Information Security Officer Peer Groups. This program is uniquely designed to cater to both individuals new to the industry and seasoned professionals keen on enhancing their knowledge and sharing resources.

Our association is proud to partner with CBA’s Associate members to bring back these beneficial roundtable forum training events.  The peer group offers a platform for open dialogue, learning, and collaborative problem-solving.

INSTRUCTOR: 

Jim Rumph, President
Hark Advisors

With the CAT being decommissioned, we’ll explore alternative frameworks such as the NIST Cybersecurity Framework and CIS to enhance cybersecurity strategies.  We will highlight several critical controls from the various frameworks and discuss how community FI’s are implementing these controls to better secure their respective organizations.  We’ll discuss what controls are needed now and what we should prepare for in the future.  Control topics include:  

• Access Management: 
  • User Access Reviews
  • Enhanced/Passwordless Authentication
  • Multi-Factor Authentication
• Threat Detection and Response
  • Network Monitoring
  • Penetration Testing
  • Internal Vulnerability Management Program
• Device and Data Protection
  • Mobile Device Protection
  • Data Identification and Classification
• Application Security
  • M365 Security and Resources
    
    

Additional discussion will include:

• Roundtable discussions
• Regulatory updates and hot button items
• Shared challenges
• Common findings
• Recent cyber incidents

ABOUT OUR INSTRUCTOR:
Jim Rumph is the founder of Hark Advisors, bringing over 18 years of experience in information technology risk management. With a deep expertise in regulated industries including financial services, Jim has a proven track record of leading a wide range of critical projects for his clients. These include IT Controls Reviews, Information Security Risk Management, Penetration Tests, Vulnerability Assessments, Social Engineering Tests, ACH exams, IT Sarbanes-Oxley (ITSOX) and IT FDICIA engagements. Throughout his career, Jim has been dedicated to providing valuable insights and assistance to clients as they navigate security and regulatory challenges. His teams have delivered hundreds of engagements nationwide to financial institutions ranging from $50 million to $15 billion in assets. Jim is also a seasoned educator, frequently conducting training sessions for clients and speaking at industry events. His certifications include Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), and Certified Ethical Hacker (CEH).