IFAC TAG Webinar on Cyber Security

IFAC

In today’s digital age, many people have at some point wondered whether their online accounts have been compromised or have been part of a large data breach. Like a lot of the issues that make the news on a regular basis, we can become desensitized to cyber risks, but it is imperative, especially for organizations of all sizes, to be vigilant and educate their employees and stakeholders on proper protocols and procedures for minimizing risk. Accounting professionals are in a unique position to address cybersecurity.
Watch Now

Spotlight

Financial institutions have long been especially lucrative targets for insider attacks, but with the computerization of firm systems and assets, attacks can now be launched on a grander scale than ever before. Insider attacks on firms’ electronic systems can result in financial and intellectual property theft, damaged or destroyed assets, and firm-wide disruption to internal systems and customer operations. Preventing and detecting attacks, however, has proven to be difficult, as insiders are often able to capitalize on their familiarity with firm systems to launch attacks without attracting notice. Further, the risk of unintentional insider incidents continues to increase as firms expand the number of personnel authorized to access sensitive information to meet business needs. At its core, insider threat is just as much a human problem as it is a technology one. A systemized, targeted program is therefore necessary to combat insider threat risks. The purpose of this report is threefold: (1) to assist financial firms in developing effective insider threat programs by identifying and discussing best practices; (2) to act as a reference for regulators to better understand the insider threat at financial institutions; and (3) to help financial firms measure their insider threat program’s effectiveness.

OTHER ON-DEMAND WEBINARS

Attack Tactics 5 – Zero to Hero Attack

Black Hills Information Security

Presented BHIS Testers by: Jordan Drysdale, Kent Ickler, and John Strand. This is a re-recording of a live BHIS webcast that was presented on April 26th, 2019. Ever want to see a full attack from no access on the outside to domain takeover? Ever want to see that in under an hour? OWA? Password Sprays? Yup! VPNs? Remote account takeover? Yup! Fully documented command and tool usage? Yup! MailSniper? Absolutely! Nmap? Obviously.
Watch Now

Highly Caffeinated InfoSec

Black Hills Information Security

Whether you are brand new to InfoSec or a skilled veteran there are ways to push the limits and learn more about this exciting profession. Knowledge doesn’t always come from a classroom but instead can come from networking with other cybersecurity individuals and finding ways to hack anything around you. Mike Felch and Beau Bullock have started various InfoSec meetup groups, spoken publicly, written blog posts, and are on podcasts to help share and learn more at the same time. In this webcast they share a few tips for waking up your inner hacker.
Watch Now

Information is power: The role of threat intel in cloud security

Cloud security is complex. Join Omdia’s expert cybersecurity analysts as they discuss the complex nature of cloud security and provide insights into everything from threat intel and SaaS to infrastructure- and platform-as-a-service, customer responsibilities, emerging trends, and the kinds of tools available to help.
Watch Now

Whitehouse-driven Cyber Security Strategy and How it affects your Business

Join Presidio's very own Dan Lohrmann (author of Cyber Mayday and the Day After), and Andy Richter (author of Practical Deployment of Cisco Identity Services Engine (ISE): Real-World Examples of AAA Deployment) as we discuss the new Whitehouse-driven cyber security strategy and how it affects your business.
Watch Now

Spotlight

Financial institutions have long been especially lucrative targets for insider attacks, but with the computerization of firm systems and assets, attacks can now be launched on a grander scale than ever before. Insider attacks on firms’ electronic systems can result in financial and intellectual property theft, damaged or destroyed assets, and firm-wide disruption to internal systems and customer operations. Preventing and detecting attacks, however, has proven to be difficult, as insiders are often able to capitalize on their familiarity with firm systems to launch attacks without attracting notice. Further, the risk of unintentional insider incidents continues to increase as firms expand the number of personnel authorized to access sensitive information to meet business needs. At its core, insider threat is just as much a human problem as it is a technology one. A systemized, targeted program is therefore necessary to combat insider threat risks. The purpose of this report is threefold: (1) to assist financial firms in developing effective insider threat programs by identifying and discussing best practices; (2) to act as a reference for regulators to better understand the insider threat at financial institutions; and (3) to help financial firms measure their insider threat program’s effectiveness.

resources