Media Sanitization is an often-overlooked part of many organizations’ cyber security plans. Studies have shown that the majority of “refurbished” hardware sold on eBay and GovDeals still hold data; much of which is sensitive. Old hardware provides a snapshot of an organization, and this hardware often sits for months or years unpatched and unmonitored. This means data breaches due to old hardware are often impossible to detect. Join me to discuss common myths, risks, regulations, and case studies on how to sanitize old IT hardware and what happens when it goes wrong. Everyone will leave the presentation with a better understanding of the NIST 800-88 guidelines, how to evaluate IT Asset Disposition vendors, emerging technologies which will impact hardware lifecycle planning. 

Cybersecurity today demands more than a checklist—it requires a clear understanding of the roles different disciplines play across your defense strategy. This session brings together experts in risk management, server hardening, data protection, auditing, and more to unpack how these functions align, where they differ, and how to prioritize them in practice. Attendees will walk away with real-world insights, practical takeaways, and a deeper grasp of how to navigate the evolving cybersecurity landscape. 

Vendor risk strategies are evolving. This panel dives into the complexities of vendor risk management—internally managed and externally outsourced—along with lessons in due care and real-world tactics for mitigating third-party cybersecurity risks. Expect a candid, expert-led discussion filled with practical guidance you can apply immediately.

In today's rapidly changing landscape, credit unions need to leverage AI's power to remain competitive. Navigating the evolving AI terrain may appear daunting, so finding a partner you can trust to guide you in this ever-expanding world of AI with confidence and clarity is essential.  

Join Karan Kashyap, co-founder & CEO of Posh, where he'll demystify ChatGPT, Generative AI, and Large Language Models (LLMs). Gain insights into risk mitigation strategies and delve into real-world applications like voice banking, virtual assistants, and knowledge management. Discover tactics for credit unions to democratize the VIP banking experience, improve operations, and elevate member satisfaction. This session aims to empower you with knowledge about the advantages and potential that AI-driven initiatives can offer your organization. 

This interactive whiteboarding session focuses on innovative education and marketing strategies to enhance member engagement with cybersecurity, empowering credit unions to stay informed and protected. 

Unpack the evolving intersections between cybersecurity, physical security, and fraud through the lens of program development and oversight. Attendees will explore foundational challenges, regulatory expectations, and operational realities, with insights into how frameworks, policies (including AI integration), and organizational culture shape a credit union’s defense strategy. The session will walk through the lifecycle of a financial crimes program, from its core fundamentals to ongoing evolution. 

In today's hyper-connected world, AI is no longer a futuristic fantasy; it's a transformative reality. Microsoft Copilot, with its seamless integration into the Microsoft 365 ecosystem, promises to revolutionize productivity. But this powerful tool comes with a price: a heightened risk landscape.

This presentation will dive deep into the security and compliance challenges posed by Copilot, exploring how organizations can harness its power while mitigating the dangers. We'll dissect the potential pitfalls, from data breaches and unauthorized access to the subtle risks of AI bias and misinformation.

We'll go beyond the technical jargon, focusing on practical strategies to navigate this complex terrain. You'll learn how to:

• Conduct a thorough risk assessment: Identify vulnerabilities, assess your current security posture, and understand your organization's unique risk profile.
• Develop a robust security framework: Implement data loss prevention measures, establish strong access controls, and integrate AI into your existing security architecture.
• Mitigate the human element: Educate employees about AI security best practices, foster a culture of security awareness, and implement robust training programs.
• Navigate the regulatory landscape: Understand and comply with relevant data privacy regulations and industry standards.
• Embrace a proactive approach: Develop a roadmap for secure AI adoption, including pilot programs, continuous monitoring, and a flexible, adaptive strategy.

This isn't just about avoiding disaster; it's about unlocking the true potential of AI while ensuring your organization's safety and success. Join us for a thought-provoking discussion on the future of work and how to navigate the exciting, yet challenging, world of AI with confidence.

Key takeaways

• Understand the security and compliance risks associated with Copilot.
• Develop a practical framework for assessing and mitigating these risks.
• Learn how to integrate AI securely into your organization's operations.
• Gain valuable insights from industry experts and real-world case studies. 

This fast-paced session features three cybersecurity experts delivering focused 20-minute segments on cutting-edge topics: Content Disarming and Reconstruction (CDR), the risks and detection of deepfakes, and the design and impact of cyber exercises. Attendees will gain practical insights and tools to enhance threat mitigation, identify emerging threats, and strengthen organizational resilience.

• Content Disarming and Reconstruction: Leveraging advanced techniques to neutralize potential threats in files and emails while preserving usability.  
• Deepfake: Understanding and combating the rise of deepfake technology.
• Cybersecurity Exercises: Simulate real-world threats, test incident response plans, and enhance preparedness. 

This fast-paced session features three cybersecurity experts delivering focused 18-minute segments on essential topics: securing communication tools, strengthening endpoint security, and protecting brand reputation in the digital landscape. Attendees will gain practical strategies and insights to safeguard key assets and defend against evolving cyber threats.

• Communication Tools: Explore how integrated communication tools - including managed networks, cloud-based phone and contact center systems, and reliable internet connectivity - can enhance operational efficiency, customer experience, and organizational resilience.
• Endpoint Security Tools: Deep dive into endpoint security strategies that go beyond antivirus—focusing on zero trust, application control, and real-time threat containment to protect your credit union’s most vulnerable access points.
• Brand Protection: How a brand is more than logos and trademarks; discuss how preserving members' trust in your institution is part of the brand. 

Future-ready credit unions are investing in more than just tools—they’re building the skills, systems, and structures needed to lead through change. This session provides a roadmap for readiness, starting with the facts and moving through how to empower staff and members using a skills matrix, reinforce agile processes, and modernize technology systems. Participants will explore how to balance human capability with tech-driven innovation to build for what’s coming. 

This panel brings together legal and regulatory experts to explore the evolving legal landscape of cybersecurity for credit unions. From data breaches to contractual liability, attendees will gain insights into compliance expectations, enforcement trends, and the legal risks tied to cyber incidents. Panelists will also discuss the intersection of cybersecurity with examinations, vendor contracts, and indemnification clauses. Walk away with practical guidance on protecting your institution from legal exposure in an increasingly complex threat environment. 

Effective cybersecurity requires collaboration across education, government, and industry—but navigating those partnerships takes intention and trust. This panel brings together leaders from training institutions, academia, and state-level coordination to discuss what makes cross-sector collaboration successful. Panelists will share lessons learned, models for engagement, and strategies for breaking down silos to achieve shared cybersecurity goals. Whether you're launching a new partnership or strengthening an existing one, this session offers practical insights for working better together. 

In today’s interconnected threat landscape, timely cyber incident reporting isn’t just a regulatory requirement - it’s a critical part of your crisis response strategy. This session clarifies which incidents require notification, what support CISA provides, and how recent updates to the Cyber Incident Reporting Portal (August 2024) streamline the process. The session will also explore how cyber incident reporting integrates into broader emergency response workflows, with examples from South Carolina's state-level Critical Infrastructure Cybersecurity Task Force. Attendees will leave with a clear understanding of mandatory vs. voluntary reporting, improved coordination opportunities, and the importance of cross-sector engagement before, during, and after a cybersecurity event.