Kevin Ivy

Director of Security Services, TraceSecurity

With over 20 years of experience in IT and information security, Kevin has been a great asset to TraceSecurity as an information security analyst, security solutions engineer, and now director of Security Services. His areas of expertise include systems administration, IT risk management, information security management, IT auditing, penetration testing, and network engineering. He has performed all of our services, including risk assessments, IT audits, penetration tests, and more. As director, he manages a team of more than 40 information security analysts in the development and execution of TraceSecurity services. Kevin holds his CISSP, CISM, and CRISC certifications, as well as an associate degree in information technology from ITI Technical College.

Speaker Image
Request Speaker

Speaking Topics

Artificial intelligence is quickly becoming a part of people’s everyday lives, both at work and at home. AI tools are being relied on for things as complicated as security monitoring to a simple as writing an email. The applications of AI are huge – but so are the risks. We will discuss the ongoing rise of artificial intelligence, the many applications it has, and the cybersecurity risks that come with them.

Key takeaways:

  • Understand what artificial intelligence is and how it affects your day-to-day life
  • Know how companies and individuals are using AI
  • Understand the cybersecurity risks and how to manage company policies around AI

Human error is the biggest weakness for any organization – and with credit unions housing so much personal and financial information, they are prime targets for social engineering attacks. One clicked link or opened attachment can lead to significant data loss and reputational harm. We will discuss the risks associated with social engineering attacks, like phishing and vishing. We will also cover best practices for credit unions to better train their employees, have plans in place to handle potential incidents, and maintain a culture of cybersecurity awareness.

Key takeaways:

  • Understand the risks associated with social engineering attacks
  • Employee awareness and training best practices
  • Policy and procedure guidance for handling social engineering related incidents

When it comes to cybersecurity attacks, it’s a matter of when, not if it will happen. It’s more important than ever for credit unions to be fully prepared to handle these situations. Incident response, disaster recovery, and business continuity plans are vital to minimizing the impact of an event, have limited or no interruption to business services, and maintain a positive reputation with members. We will cover the ins and outs of your IRP, DRP, and BCP plans. We will also discuss best practices for keeping them updated, testing them against real-world scenarios with tabletop exercises (required by the NCUA), and keeping stakeholders invested.

Key takeaways:

  • Understand the importance of IRP, DRP, and BCP plans for your credit union
  • Guidance for keeping plans up to date through business and personnel changes
  • Explanation of tabletop testing requirements prescribed by the NCUA