This document discusses strategies for planning and executing an effective strategic growth plan for an institution. It begins by outlining the topics that will be covered, including why strategic planning is important, an effective strategic planning process, and minimizing execution risk. It then discusses analyzing internal capabilities and external opportunities, developing strategic options, agreeing on a strategy and communicating it. The document emphasizes linking strategy to operating and capital budgets, monitoring performance, and involving stakeholders. It provides examples of strategic planning best practices from a successful community bank. Finally, it discusses minimizing execution risk through disciplines like accountability, flexibility, and strong execution. The overall message is that a well-thought out strategic planning process is essential for dealing with external pressures and achieving long-term value.
What does CRM mean to you? Attendees heard about current obstacles and best practices. In addition, the Director of Business Banking at ESL Federal Credit Union talked about their CRM journey and what their ideal future state looks like. Learn how NextGen can fit into your CRM plans.
Denise Patrick recently spoke at the Kluge Offshore Summit 2014 about the various concerns and solutions of expanding your energy business into the U.S. Gulf of Mexico.
Building a Best-Run Finance Organization: A New Role to Address Today's Busin...FindWhitePapers
Is your company seeking to incorporate finance as a core line of business? This SAP Executive Insight examines the changing role of the finance organization in today's business environment - and describes how companies can develop best-run finance organizations.
With the Strategy Execution and Innovation Forum rapidly approaching, Howard Rohm, Co-Founder and President, and Joe DeCarlo, Vice President, International, of the Balanced Scorecard Institute, discussed on a live webinar how to improve strategy execution with innovation, and how to improve the strategic innovation process. Topics included Strategy Execution, Alignment, and Planning, Managing Innovation, Creating an Innovation Strategy for your Organization and more.
To view recording: https://youtu.be/nLzaK9yRgxE or watch the video at end of the slide
Featured Event:
Strategy Execution and Innovation Forum
Conference: 8 - 9 May 2017
Masterclasses: 7 & 10 May 2017
The Address Dubai Marina, Dubai, UAE | #strategyleaders
http://www.strategyexecutionuae.com/
What does CRM mean to you? Attendees heard about current obstacles and best practices. In addition, the Director of Business Banking at ESL Federal Credit Union talked about their CRM journey and what their ideal future state looks like. Learn how NextGen can fit into your CRM plans.
Denise Patrick recently spoke at the Kluge Offshore Summit 2014 about the various concerns and solutions of expanding your energy business into the U.S. Gulf of Mexico.
Building a Best-Run Finance Organization: A New Role to Address Today's Busin...FindWhitePapers
Is your company seeking to incorporate finance as a core line of business? This SAP Executive Insight examines the changing role of the finance organization in today's business environment - and describes how companies can develop best-run finance organizations.
With the Strategy Execution and Innovation Forum rapidly approaching, Howard Rohm, Co-Founder and President, and Joe DeCarlo, Vice President, International, of the Balanced Scorecard Institute, discussed on a live webinar how to improve strategy execution with innovation, and how to improve the strategic innovation process. Topics included Strategy Execution, Alignment, and Planning, Managing Innovation, Creating an Innovation Strategy for your Organization and more.
To view recording: https://youtu.be/nLzaK9yRgxE or watch the video at end of the slide
Featured Event:
Strategy Execution and Innovation Forum
Conference: 8 - 9 May 2017
Masterclasses: 7 & 10 May 2017
The Address Dubai Marina, Dubai, UAE | #strategyleaders
http://www.strategyexecutionuae.com/
Challenges in Creating Professional Services in a Software Development Organi...Jeff Korn
Companies are increasingly finding it difficult to build in added value services to their organizations because of perceived costs, lack of available staff, difficulties with scaling, and most importantly a customer base that more and more devalues these services.
Companies also struggle with how to build viable teams once a need has been determined.
In this presentation, you’ll learn about service options, and the base for team growth for services.
Additional presentations discuss building a services team.
Simple Small Business Strategic Planning ToolB2BPlanner Ltd.
This presentation was given by Art Helmstetter at a Dayton Chamber of Commerce sponsored workshop to help small businesses learn how to develop a strategic plan for their business. For information or assistance contact www.b2bplanner.com
Deloitte CFO and finance discussion documentMarc Joiner
How can a CFO think about how they spend their time, where they focus efforts, and how their Finance team can deliver value to the organization? This document can act as a framework for CFOs and Finance teams.
Want to learn how to jump-start your SMMP?
You’ve got the go-ahead from procurement to implement a Strategic Meetings Management Program (SMMP). Fantastic! Now what? Knowing where to start, which stakeholders to involve and what steps to take to drive a successful strategy can be unfamiliar territory to meeting and event professionals of all levels.
This free webinar will help guide you through a high-level “getting started” process in which you will learn:
Typical components to SMMP
Pre-planning to get started
Key steps for implementation
Common pitfalls to avoid
Key priorities and value creation during first 100 days as CEO of British Foo...James Waddell
Presentation for Chairman and Board of British Footwear Association selection day. An example of how I can add value to organisations. Innovate way of increasing membership and training courses to enhance offer to existing and prospective members. Addressing key issue that was eluding the Board of Association which has been running year on year deficits for several years.
Frankfurt Bookfair Supply Chain Meeting: Publishing in a Digital AgeMichael Cairns
Presentation to the Supply Chain Interest Group at the 2008 Frankfurt Bookfair (October 13, 2008).
Video available here: http://www.book-fair.com/en/company/press_pr/newsletter/daily/review/00833/index.html
Unified Communications and VoIP Trends BriefingDon Gulling
Originally presented at the Data Connectors conference in Orlando, FL on September 10th, 2015. Presentation covers trends in VoIP for business, with an emphasis on ShoreTel technology including virtualization and Mobility.
Practical Defences Against A New Type of Professional Bank FraudstersAlbert Hui
A high-level overview of the growing problem of BEC (business email compromise) fraud and the money laundering mechanism behind it, followed by practical prevention advices that FIs and firms alike can implement right away.
Challenges in Creating Professional Services in a Software Development Organi...Jeff Korn
Companies are increasingly finding it difficult to build in added value services to their organizations because of perceived costs, lack of available staff, difficulties with scaling, and most importantly a customer base that more and more devalues these services.
Companies also struggle with how to build viable teams once a need has been determined.
In this presentation, you’ll learn about service options, and the base for team growth for services.
Additional presentations discuss building a services team.
Simple Small Business Strategic Planning ToolB2BPlanner Ltd.
This presentation was given by Art Helmstetter at a Dayton Chamber of Commerce sponsored workshop to help small businesses learn how to develop a strategic plan for their business. For information or assistance contact www.b2bplanner.com
Deloitte CFO and finance discussion documentMarc Joiner
How can a CFO think about how they spend their time, where they focus efforts, and how their Finance team can deliver value to the organization? This document can act as a framework for CFOs and Finance teams.
Want to learn how to jump-start your SMMP?
You’ve got the go-ahead from procurement to implement a Strategic Meetings Management Program (SMMP). Fantastic! Now what? Knowing where to start, which stakeholders to involve and what steps to take to drive a successful strategy can be unfamiliar territory to meeting and event professionals of all levels.
This free webinar will help guide you through a high-level “getting started” process in which you will learn:
Typical components to SMMP
Pre-planning to get started
Key steps for implementation
Common pitfalls to avoid
Key priorities and value creation during first 100 days as CEO of British Foo...James Waddell
Presentation for Chairman and Board of British Footwear Association selection day. An example of how I can add value to organisations. Innovate way of increasing membership and training courses to enhance offer to existing and prospective members. Addressing key issue that was eluding the Board of Association which has been running year on year deficits for several years.
Frankfurt Bookfair Supply Chain Meeting: Publishing in a Digital AgeMichael Cairns
Presentation to the Supply Chain Interest Group at the 2008 Frankfurt Bookfair (October 13, 2008).
Video available here: http://www.book-fair.com/en/company/press_pr/newsletter/daily/review/00833/index.html
Unified Communications and VoIP Trends BriefingDon Gulling
Originally presented at the Data Connectors conference in Orlando, FL on September 10th, 2015. Presentation covers trends in VoIP for business, with an emphasis on ShoreTel technology including virtualization and Mobility.
Practical Defences Against A New Type of Professional Bank FraudstersAlbert Hui
A high-level overview of the growing problem of BEC (business email compromise) fraud and the money laundering mechanism behind it, followed by practical prevention advices that FIs and firms alike can implement right away.
IT Security and Wire Fraud Awareness Slide DeckDon Gulling
A presentation on IT security, wire fraud and trends in information technology. The information is focused on making the audience aware of the new threats, how to protect against them, and what measures you can take to keep your critical information secure.
Peter Wood has worked as an ethical hacker for the past 20 years, with clients in sectors as diverse as banking, insurance, retail and manufacturing. He will describe how advanced persistent threats operate from a security intelligence perspective, based on published case studies and analysis. He will highlight APT entry points and exploitation techniques and suggest practical prevention and detection strategies.
The goal of this brief is to define the differences between goals, strategies, objectives and tactics, and to show how they can be applied for companies, brands and initiatives.
Appreciative Inquiry For Strategic Planning Avi Z Liran
Snap Preview of Appreciative Inquiry (AI) for Strategic Planning and the differences between SWOT and SOAR models as well as the benefits of AI Vs. Problem Solving.
Mobile payments landscape in Zimbawe | Beyond 2015Evolys Digital
How can businesses benefit from the Mobile Payments Revolution in Zimbabwe, and what is the future like for those who want to venture into the mobile payments landscape. Evolys Digital
Dr Peter Cannell, Open University, presentation for the CILIPS conference 2010 at the Mitchell Library in Glasgow.
An overview of the role played by the OU in HE in Scotland.
Sm 11 part_03_03
Strategic Management course version 11
Strategic management in any organization is important as it provides overall direction by developing plans and policies designed to achieve objectives and then allocating resources to implement the plans.
Videos on YouTube:
video 01
https://youtu.be/alh6O6Q_9sc
video 02
https://youtu.be/b2UwGeOTEX0
video 03
https://youtu.be/R7K0W3yinLo
Driving Key Account Growth: Planning and Execution to Access the White SpaceRichardson
Decreasing customer loyalty, higher expectations, and constant competitive threats are making forecasted business from your best customers anything but a certainty. The presentation will cover the following:
1. The guiding principles for excellence in strategic account planning
2. Quantitative and qualitative factors to consider in choosing accounts for strategic account planning
3. How to align to the customer’s strategy
Account plan execution
Social business or social enterprise needs careful planning. This slide series was developed and presented for the Social Business Launch Pad seminars by William P. Kittredge, PhD. The Social Business Launch Pad is a joint education seminar series co-sponsored by the Yunus Center at AIT and the Thai Social Enterprise Office http://www.tseo.or.th/
A Global Perspective on Alignment: Looking Over the Horizon Mitchell Weis...mitchweisberg
Bsi user conference, Mitchell Weisberg
A Global Perspective on Alignment: Looking Over the Horizon considers the need to incorporate predictive analytics in your balanced scorecard methodology and reporting to manage in the dynamic global business world.
Improving profitability for small businessBen Wann
In this comprehensive presentation, we will explore strategies and practical tips for enhancing profitability in small businesses. Tailored to meet the unique challenges faced by small enterprises, this session covers various aspects that directly impact the bottom line. Attendees will learn how to optimize operational efficiency, manage expenses, and increase revenue through innovative marketing and customer engagement techniques.
Skye Residences | Extended Stay Residences Near Toronto Airportmarketingjdass
Experience unparalleled EXTENDED STAY and comfort at Skye Residences located just minutes from Toronto Airport. Discover sophisticated accommodations tailored for discerning travelers.
Website Link :
https://skyeresidences.com/
https://skyeresidences.com/about-us/
https://skyeresidences.com/gallery/
https://skyeresidences.com/rooms/
https://skyeresidences.com/near-by-attractions/
https://skyeresidences.com/commute/
https://skyeresidences.com/contact/
https://skyeresidences.com/queen-suite-with-sofa-bed/
https://skyeresidences.com/queen-suite-with-sofa-bed-and-balcony/
https://skyeresidences.com/queen-suite-with-sofa-bed-accessible/
https://skyeresidences.com/2-bedroom-deluxe-queen-suite-with-sofa-bed/
https://skyeresidences.com/2-bedroom-deluxe-king-queen-suite-with-sofa-bed/
https://skyeresidences.com/2-bedroom-deluxe-queen-suite-with-sofa-bed-accessible/
#Skye Residences Etobicoke, #Skye Residences Near Toronto Airport, #Skye Residences Toronto, #Skye Hotel Toronto, #Skye Hotel Near Toronto Airport, #Hotel Near Toronto Airport, #Near Toronto Airport Accommodation, #Suites Near Toronto Airport, #Etobicoke Suites Near Airport, #Hotel Near Toronto Pearson International Airport, #Toronto Airport Suite Rentals, #Pearson Airport Hotel Suites
Enterprise Excellence is Inclusive Excellence.pdfKaiNexus
Enterprise excellence and inclusive excellence are closely linked, and real-world challenges have shown that both are essential to the success of any organization. To achieve enterprise excellence, organizations must focus on improving their operations and processes while creating an inclusive environment that engages everyone. In this interactive session, the facilitator will highlight commonly established business practices and how they limit our ability to engage everyone every day. More importantly, though, participants will likely gain increased awareness of what we can do differently to maximize enterprise excellence through deliberate inclusion.
What is Enterprise Excellence?
Enterprise Excellence is a holistic approach that's aimed at achieving world-class performance across all aspects of the organization.
What might I learn?
A way to engage all in creating Inclusive Excellence. Lessons from the US military and their parallels to the story of Harry Potter. How belt systems and CI teams can destroy inclusive practices. How leadership language invites people to the party. There are three things leaders can do to engage everyone every day: maximizing psychological safety to create environments where folks learn, contribute, and challenge the status quo.
Who might benefit? Anyone and everyone leading folks from the shop floor to top floor.
Dr. William Harvey is a seasoned Operations Leader with extensive experience in chemical processing, manufacturing, and operations management. At Michelman, he currently oversees multiple sites, leading teams in strategic planning and coaching/practicing continuous improvement. William is set to start his eighth year of teaching at the University of Cincinnati where he teaches marketing, finance, and management. William holds various certifications in change management, quality, leadership, operational excellence, team building, and DiSC, among others.
Unveiling the Secrets How Does Generative AI Work.pdfSam H
At its core, generative artificial intelligence relies on the concept of generative models, which serve as engines that churn out entirely new data resembling their training data. It is like a sculptor who has studied so many forms found in nature and then uses this knowledge to create sculptures from his imagination that have never been seen before anywhere else. If taken to cyberspace, gans work almost the same way.
The world of search engine optimization (SEO) is buzzing with discussions after Google confirmed that around 2,500 leaked internal documents related to its Search feature are indeed authentic. The revelation has sparked significant concerns within the SEO community. The leaked documents were initially reported by SEO experts Rand Fishkin and Mike King, igniting widespread analysis and discourse. For More Info:- https://news.arihantwebtech.com/search-disrupted-googles-leaked-documents-rock-the-seo-world/
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...BBPMedia1
Grote partijen zijn al een tijdje onderweg met retail media. Ondertussen worden in dit domein ook de kansen zichtbaar voor andere spelers in de markt. Maar met die kansen ontstaan ook vragen: Zelf retail media worden of erop adverteren? In welke fase van de funnel past het en hoe integreer je het in een mediaplan? Wat is nu precies het verschil met marketplaces en Programmatic ads? In dit half uur beslechten we de dilemma's en krijg je antwoorden op wanneer het voor jou tijd is om de volgende stap te zetten.
Attending a job Interview for B1 and B2 Englsih learnersErika906060
It is a sample of an interview for a business english class for pre-intermediate and intermediate english students with emphasis on the speking ability.
Business Valuation Principles for EntrepreneursBen Wann
This insightful presentation is designed to equip entrepreneurs with the essential knowledge and tools needed to accurately value their businesses. Understanding business valuation is crucial for making informed decisions, whether you're seeking investment, planning to sell, or simply want to gauge your company's worth.
India Orthopedic Devices Market: Unlocking Growth Secrets, Trends and Develop...Kumar Satyam
According to TechSci Research report, “India Orthopedic Devices Market -Industry Size, Share, Trends, Competition Forecast & Opportunities, 2030”, the India Orthopedic Devices Market stood at USD 1,280.54 Million in 2024 and is anticipated to grow with a CAGR of 7.84% in the forecast period, 2026-2030F. The India Orthopedic Devices Market is being driven by several factors. The most prominent ones include an increase in the elderly population, who are more prone to orthopedic conditions such as osteoporosis and arthritis. Moreover, the rise in sports injuries and road accidents are also contributing to the demand for orthopedic devices. Advances in technology and the introduction of innovative implants and prosthetics have further propelled the market growth. Additionally, government initiatives aimed at improving healthcare infrastructure and the increasing prevalence of lifestyle diseases have led to an upward trend in orthopedic surgeries, thereby fueling the market demand for these devices.
3.0 Project 2_ Developing My Brand Identity Kit.pptxtanyjahb
A personal brand exploration presentation summarizes an individual's unique qualities and goals, covering strengths, values, passions, and target audience. It helps individuals understand what makes them stand out, their desired image, and how they aim to achieve it.
Discover the innovative and creative projects that highlight my journey throu...dylandmeas
Discover the innovative and creative projects that highlight my journey through Full Sail University. Below, you’ll find a collection of my work showcasing my skills and expertise in digital marketing, event planning, and media production.
Putting the SPARK into Virtual Training.pptxCynthia Clay
This 60-minute webinar, sponsored by Adobe, was delivered for the Training Mag Network. It explored the five elements of SPARK: Storytelling, Purpose, Action, Relationships, and Kudos. Knowing how to tell a well-structured story is key to building long-term memory. Stating a clear purpose that doesn't take away from the discovery learning process is critical. Ensuring that people move from theory to practical application is imperative. Creating strong social learning is the key to commitment and engagement. Validating and affirming participants' comments is the way to create a positive learning environment.
DHG Financial Services Strategic Planning and Cybersecurity Presentation
1. 1
Plan for Your Institution’s
Strategic Growth
5/19/2016
MAY 19, 2016
2. 2
Our Discussion Topics
1. Why Strategic Planning
2. A Process That Works
3. Walking Through That Process
4. Minimizing Execution Risk
3. 3
Converting Opportunities to Performance
Strategic Options
External
Factors
Changes emerging in the
external environment
Internal
Factors
Capabilities to execute
the strategy
Strategic Options: What is the best path to long-term value?
Growth
Long Term
Value
Organic
Acquired
Customer
Base
Share of
wallet
Profits
Geographic
footprint
New
customers
New or
better
products
Product
Mix
Efficiency
Invest to
Innovate
Invest to
reduce
costs
4. 4
• Has done a critical, data-driven evaluation of internal
capabilities
• Effectively links operating and capital budgets to strategy;
strategic objectives with performance evaluation and rewards
DescriptionComponents
• Has done a critical, data-driven evaluation of
marketplace opportunities and needs
• Has strong mechanism for monitoring results on strategic
initiatives; actual performance versus expectations
Strategic Planning Components
4
Customers and Markets
Understood
Internal Capabilities
Understood
Effective Linkages
Progress is Known,
Tangible
Agreed Upon, Shared
Vision
Clearly Communicated
Future Direction
• Has done an effective job of involving key stakeholders
(owners, directors, leadership, senior management)
• Strategy statement/document clearly delineates the future
path and performance objectives; strategic initiatives to get
there
5. 5
2 431
A Process That Works
5
5
Link to operating and
capital budgets;
management
objectives,
compensation
Execute the
Strategy
Agree and
communicate the
strategy, objectives,
and road map
Develop the
Strategy
Discuss performance,
strategic options; drive
to common
understanding
Conduct Planning
Sessions
Compile
comprehensive
information for
planning sessions
Establish a Common
Fact Base
Focus the organization on a course of action to achieve its objectives
1. Where are we now?
2. Where do we want to be?
Structured, logical path to build a well-thought out and agreed upon
strategy
3. How do we get there?
4. How do we measure our progress?
Simple Question Set
6. 6
Changes Emerging in External Environment
Internet of things,
delivery channel
evolution or revolution,
cybersecurity − threats
to information assets
Economy
Political,
Regulatory
Technology
Customers
Industry
Competition
External
Factors
Analysis
Margin compression,
increased capital
requirements, lower
returns to owners,
acquire or be acquired
Prosperity trends, lackluster
GDP growth trends, monetary
policy, interest rates, capital
market directional trends
National elections and
business orientation,
regulatory compliance
and rising cost
Saturated markets,
scale and cost
advantages, new
entrants
Emerging segments;
changing preferences,
habits, and attributes;
brand loyalty
The ability of an organization to sense the changes emerging in its external environment
and to develop decisions and actions to mitigate risks and take advantage of
opportunities – and doing this better than the competition
1
7. 7
Business Segment Assessment
7
Fact base established at business segment level
7
• What are our major
opportunities to
improve
operational
performance?
• What are the
internal strengths
and weaknesses of
the business –
people, process,
and technology?
• How do they help
or constrain the
business?
• What customer
segments,
products, and
markets offer the
greatest potential?
• What is the
strategy to most
profitably serve
those customer
segments and
markets?
• Who are the
competitors?
• What is the basis
of competition?
• How do we perform
versus those
companies?
Operating
Model
Internal
Capabilities
Opportunities
& Strategy
Competitive
Position
1
9. 9
Strategy − Focus on Course of Action to Achieve
Goals
3
Plan should capture and summarize
• Strategy statement
• Characterizes the products-to-target markets and segments,
channels to reach those targets; specifies explicit profit and
performance objectives; states distinguishing operational
philosophies
• Assumptions under which the plan was prepared
• Financial projections
• Desired future state
• Primary Strategic Initiatives to reach that desired future state
• Accountability, action steps and timelines, specific milestones,
success clearly defined
10. 10
Citizens Business Bank (CBB)
The segment: small to middle size businesses, de novo in 1975
3 Top Performers Convert Opportunities Better
Than Others
Source: Winning Strategies in Community Banking, Project Excellence, 1998 KPMG Peat Marwick LLP
Winning Strategies in Community Banking
(KPMG 1998)
• Top Performing Community Bank − $1.3 billion in
assets
• Clear vision of strategy and market from beginning.
Business and professional market is where CBB can
make the difference and have the greatest
competitive advantage.
• CBB put in place a customer-focused sales driven
strategy with unparalleled customer service as a
cornerstone. Sales is a top priority. “If you are good
at sales, then good business will come to you,” per
CEO D. Linn Wiley.
“Wiley believes strongly that
today’s banking market demands a
commitment to rigorous
‘professional management.’ He
asserts, ‘We are a planning
oriented company.’ The bank goes
through an annual planning
process in November formulating
specific goals and plans for the
coming year. Wiley then puts in
place the structure and people to
support the plan.”
11. 11
Citizens Business Bank
155 Consecutive Quarters of Profitability
105 of Paying Cash Dividends (2015)
3 Top Performers Convert Opportunities Better
Than Others continued
Source: CVB Financial Corp. Annual Report 2015; 4th Quarter Analyst Briefing
“Our team has worked hard to
execute the long-term strategy of
our bank which is to build and
maintain relationships with the best
small to middle size businesses
and their owners in our geographic
marketplace.”
- Chris Myers, CEO
4th Quarter 2015, Analyst Briefing
The Best Bank in America
(Forbes 2015)
• Top 5 Bank (Bank Director Magazine), SNL Top 100 $1 to
$10B − $7.7 billion in assets
• Vision…Become premier financial services
company...serving the comprehensive financial needs of
successful small to medium-sized businesses and their
owners.
• Mission…Achieve superior financial performance and
rank in the top 10 percent of financial institutions in the
nation in ROE and ROA…Will be achieved by delivering
the finest in financial products and services through
relationship banking commitments with businesses and
professionals…
12. 12
Minimizing Execution Risk
Commit to an
identity
Differentiate and grow by being clear-
minded about what you can do best
1
Translate the
strategic into
every day
Build and connect the cross-functional
capabilities that deliver your strategic
intent
2
Put your
culture
to work
Celebrate and leverage your cultural
strengths
3
Cut costs to
grow stronger
Prune what doesn’t matter to invest more
in what does
4
Shape your
future
Reimagine your capabilities, create
demand, and realign your industry on
your own terms
5
Five Acts of Unconventional Leadership
Source: How Winning Companies Close the Strategy-to-Execution Gap, Paul Leinwand and Cesare Maindari, 2016 Harvard Business
School Publishing
4
• Have the right people on board
• Have a clear strategy and path
to execution
• Be agile in adapting to
changing external factors,
market circumstances
• Be very disciplined in plan
development and execution
13. 13
• Planning Process: “There needs to be a great deal of intentional
discipline – a standard process that is predictable and executed every year.
– February – Executive management team looks out a couple of years; invite
experts of various types to participate in dialog
– May – Have extended meeting with board to look forward; discuss performance
– July – Update the strategy; offsite with board and executive management team
– September – Updated strategy reflected in the budgets
– Monthly and quarterly – Assess how well we are doing.”
• Strategy Execution: “Key to execution is accountability.
– Overall linkage is essential – strategic goals budget goals individual
goals/incentive plans
– Tie compensation to strategy. Some goals/aspects are easy since it’s meeting
the numbers; some are more difficult to establish because they are more
intangible – but they all need to be linked together.”
Source: Interview with CEO, Diversified Financial Services Company (Banking and Specialty Finance), 2016
4 Minimizing Execution Risk continued
14. 14
Closing Comments
• It is essential that:
Leadership has confidence in the strategy
The strategy is understood across the bank
The strategy can be or is being executed.
• Anything less makes dealing with headwinds extremely difficult.
• Q&A
With today’s external regulatory and competitive pressures and uncertain
economic environment, building franchise value requires a well-thought out
and agreed upon strategy.
15. 15
Bill Walton
Partner
DHG Financial Services
bill.walton@dhgllp.com
D 404.575.8902
Suzanne Donner
Director
DHG Financial Services
suzanne.donner@dhgllp.com
D 404.681.8224
17. 2
IT advisory
Why are we talking Cyber? The Numbers
• 4 trillion
• 5%
• 4 minutes
• 100%
18. 3
IT advisory
Agenda
• Brief Look at Data Breach Stats
• Data Breach Causes and Results
• Security Incidents – Common Scenarios
• How can we prepare?
24. 9
IT advisory
Recent Statistics
Breach Root Causes 2015
Malicious or Criminal Attack
System Glitch
Human Error
Source: Ponemon Institute 2015 Cost of Data Breach Study
47%
24%
29%
27. 12
IT advisory
Recent Known Breaches
Kardashian website
- Web application code deficiency
- 663,270 names and email addresses
Excellus Blue Cross Blue Shield - NY
- May have started 2 years ago
- 10 million records (names, DOB, SSN, credit cards)
University of Virginia
- Hack originating from China
www.privacyrights.org
28. 13
IT advisory
Recent Known Breaches
Ashley Madison
- Hack originating from China but possible inside job
- 37 million records (including names posted online)
UCLA Health System
- Did not take “basic” steps to encrypt data
- 4.5 million records (names, DOB, SS#, credit cards)
Office of Personnel Management – D.C.
- 21.5 million social security numbers
30. 15
IT advisory
Social Engineering
Attention User:
Your email quota is almost exceeded. Starting
from December 8th, we are migrating to new email
interface. So we are currently doing maintenance
on our server. Please visit page below to update
your account and avoid losing your inbox.
http://xxxxxxxxxxxx.com/data/allow.html
Thank you.
Technical Team
32. 17
IT advisory
Top 5 Assessment Findings - Technical
Internet Service Provider connections
Outdated security patches
Voice over IP (telephone) lack of encryption
Weak and default passwords
Weak secondary device configurations
33. 18
IT advisory
Top 5 Assessment Findings - Social
Weak physical site controls
Response to phishing email
- Provide logon credentials
- Click on a bad link or attachment
Response to vishing (accounting departments)
Response to fake website
34. 19
IT advisory
Social Engineering - Physical Site Scenario
- Printer vendor who is taking over toner
cartridge supplies needs an inventory – behind
teller line
- General contracting company who won the bid
to fix anything visible to the public – got access
to bank vault
- From AT&T looking at access issues
- Fake letter if challenged - -
35. 20
IT advisory
Social Engineering – Vishing Scenarios
- Known third party lender inquiring of the
Accounting department for missing wire
- Fictitious company starting a grant program,
has “had discussions with the CFO” and
needing a last minute wire transfer
- Utility company on behalf of their customer
regarding an “overdrafted account”
- Third party IT support vendor - -
36. 21
IT advisory
Security Incident vs Data Breach
Perception is Important
– People use “breach” too frequently
– You don’t want your customers or regulators to think
you are subject to numerous breaches
– “Breach” suggests something bad happened or is
going to happen
– “Breach” has legal significance
• Incident Response Team should use “Security
Incident” not “Breach” on internal communications
38. 23
IT advisory
Typical Security Incident Scenario
“Houston we have a problem …”
Ransomware message
Malware incident that escalates
Network performance
Increase in suspicious emails
Notification from employees’ banks of
suspicious account login activity
39. 24
IT advisory
Typical Security Incident Scenario
“Time for action …”
Performs initial analysis and triage
Notifies IT service providers
Determines assistance is needed,
scrambles to find an outside security
specialist
“Tick, tock, tick, tock …” or “$, $, $, $...”
40. 25
IT advisory
Unanticipated Costs
• Investigation Costs
• Regulatory / Industry Fines or Penalties
• Remediation / Infrastructure Change Costs
• Mandatory Notification to Customers
• Brand Damage
42. 27
IT advisory
How Can We Prepare?
Question – If someone was trying to breach
your systems today …
WHO WOULD BE THE FIRST TO NOTICE IT?
Reducing risk will require investment …
Skillsets / resources
Software / hardware solutions
Third party relationships for monitoring
User Awareness
43. 28
IT advisory
How Can We Prepare?
Assign Responsibility for Data Protection
• CISO, CPO, CRO
• Responsible for overseeing ongoing data
protection program
• Must Maintain Awareness of New
Technologies and Their Risks
44. 29
IT advisory
How Can We Prepare?
IT Risk Management
• Management should understand what data
they process and store
• IT threats should be considered as part of the
organizational risk management process
• Consider mitigation, transfer, or elimination of
risks
45. 30
IT advisory
How Can We Prepare?
Strong Vendor Management Program
• Include Security as Part of Vendor Evaluation
Procedures
• Conduct Ongoing Evaluation of Vendor
Relationship
• Disgruntled Employees
• Remember Target’s Scenario
46. 31
IT advisory
How Can We Prepare?
Strong Incident Response Program
“Not if, but when …”
Roles and Responsibilities
Who owns the program?
Include PR and Legal Counsel as Part of Response
Team
Ensure forensic skillset is available
Continued regulatory focus
47. 32
IT advisory
FFIEC Cybersecurity Assessment Tool (CAT)
• New guidance finalized earlier this year
– www.ffiec.gov/cyberassessmenttool.htm
• “Repeatable and Measureable”
• Incorporates principles from the FFIEC IT
Examination Handbook
• Two Parts:
1. Inherent Risk Profile
2. Cybersecurity Maturity
48. 33
IT advisory
FFIEC CAT – Role of Management & Board
• Develop the plan to conduct the
Assessment
• Define the target state of cybersecurity
preparedness
• Oversee performance of monitoring and risk
mitigation
• Oversee changes to maintain or enhance
targeted state of preparedness
49. 34
IT advisory
FFIEC CAT – 2. Cybersecurity Maturity
Innovative
Advanced
Intermediate
Evolving
Baseline
• 5 maturity
levels are
based upon
sophistication,
design, and
effectiveness of
controls
• Critical controls
include
detective,
preventative,
and responsive