A Cybersecurity Planning Guide
for CFOs
Scams & Fraud, Developing a Plan, Tips, and Resources
Presented by André Nel, CPA
WHY IS DATA SECURITY CRITICAL?
Theft of digital information has become the most commonly reported
fraud, surpassing physical theft.
Customer and client information, payment information, personal files, bank
account details - all of this information is often impossible to replace if lost,
and dangerous in the hands of criminals.
Data lost due to disasters, such as a flood or fire, is devastating, but losing
it to hackers or a malware infection can have far greater consequences.
How you handle and protect your data is central to the security of your
business and the privacy expectations of customers, employees and
partners.
Things have changed!
AGENDA FOR TODAY
1. Scams and Fraud
2. Data Security – Developing an Action Plan
3. Cybersecurity Tips
4. Resources
SCAMS AND FRAUD
New ways are developed by cyber criminals every day to victimize
your businesses, scam your customers, hurt your reputation and hold
you at ransom. The 2017 Verizon Data Breach Investigations Report
(DBIR) included the following summaries:
SCAMS AND FRAUD (CONTINUED)
If you haven’t suffered a data breach you’ve either been incredibly
well prepared, or very, very lucky. Are you incredibly well prepared?
WHAT ARE SOME OF THE MAIN CYBER
SCAMS TODAY?
Knowing which incident patterns affect your industry more often than
others provides a building block for allocating cybersecurity resources.
These nine incident patterns have been identified in the DBIR:
1. Insider and privilege misuse – trusted actors leveraging logical and/or
physical access in an inappropriate or malicious manner.
2. Cyber-espionage – targeted attacks from external actors hunting for
sensitive internal data and trade secrets.
3. Web application attacks – web-application-related stolen credentials or
vulnerability exploits.
4. Crimeware – malware incidents, typically opportunistic and financially
motivated in nature (e.g., banking Trojans, ransomware).
WHAT ARE SOME OF THE MAIN CYBER
SCAMS TODAY? (CONTINUED)
5. Point-of-sale (POS) intrusions – attacks on POS environments leading
to payment card data disclosure.
6. Denial of service (DoS) attacks – non-breach related attacks affecting
business operations.
7. Payment card skimmers – physical tampering of ATMs and fuel-pump
terminals.
8. Physical theft and loss – physical loss or theft of data or IT-related
assets.
9. Miscellaneous errors – an error directly causing data loss.
QUESTIONS AND COMMENTS
Any questions or experiences to share with the group before we move on
to the next item on the agenda?
AGENDA FOR TODAY
1. Scams and fraud
2. Data security – Developing an Action plan
3. Cybersecurity Tips
4. Resources
CYBER SECURITY ACTION PLAN
The six steps in developing your cybersecurity action plan:
1. Conduct an inventory of all data you have.
2. Once you've identified your data, keep a record of its location
and move it to more appropriate locations as needed.
3. Develop a privacy policy.
4. Protect data collected on the Internet.
5. Create layers of security.
6. Plan for data loss or theft.
STEP 1 – CONDUCT AN INVENTORY OF
ALL DATA
1. What kind of data do you have in your business?
• Customer data
• Employee information
• Proprietary and sensitive business information
2. How is that data handled and protected?
• Where is this data stored?
• What happens when the data is used or moved to a
different location?
3. Who has access to that data?
• Who has rights to access that data?
• How will the access privileges be managed?
STEP 2 - KEEP A RECORD OF WHERE DATA
IS LOCATED
Record the location of data. Keep in mind that the same data could
be located in more than one location.
1. Location could include:
• Local or desktop computer
• Central file server
• Cloud
• Mobile devices such as USB memory sticks
• Smartphones
2. Consider moving it to a more appropriate location.
STEP 3 – DEVELOP A PRIVACY POLICY
Your privacy policy is a pledge to your customers that you will use
and protect their information in ways that they expect and that
adhere to your legal obligations.
1. Create your privacy policy with care.
2. A growing number of regulations protect customer and
employee privacy.
• There are costly penalties if you do not comply
• You will be held accountable for what you claim and offer in
your policy
3. Share your policy, rules and expectations with all employees.
• There is a growing trend to post privacy policies on
company websites
4. Policy should address the following types of data:
• Personally Identifiable Information
• Personal Health Information
• Customer Information
STEP 4 – PROTECT DATA COLLECTED ON
THE INTERNET
Your website can be a great place to collect information, but that
comes with a responsibility to protect that data.
1. Data collected can include:
• Transactions and payment information
• Newsletter sign-ups
• Online inquiries
• Customer requests or orders
2. Data collected from your website can be stored in different
places.
• When you host your own website, it may be stored on your
own servers
• When hosted by a third party be sure that party protects
that data fully
3. That protection includes protection from:
• Hackers and outsiders
• Employees of the hosting company
STEP 5 – CREATE LAYERS OF SECURITY
The idea of layering security is simple: You cannot and should not
rely on just one security mechanism – such as a password – to
protect something sensitive. If that security mechanism fails, you have
nothing left to protect you.
1. Classify your data:
• HIGHLY CONFIDENTIAL
• SENSITIVE
• INTERNAL USE ONLY
2. Control access to your data.
3. Secure your data:
• Passwords – Random, complex and long
• Encryption
4. Back up your data.
• Put a policy in place that specifies what data is backed up,
how often, who is responsible, how and where backups are
stored and who has access.
• Physical media used to store data is vulnerable, so make
sure it is encrypted.
STEP 6 – PLAN FOR DATA RECOVERY AFTER
A LOSS OR THEFT
Plan for the unexpected, including the loss or theft of data.
1. Be prepared for a rapid and coordinated response to any loss or
theft of data.
2. Employees and contractors should understand that they should
report any loss or theft to the appropriate company official.
3. Test your data recovery from backup systems on a regular basis.
CYBER SECURITY ACTION PLAN
Let’s recap the six steps in developing your cybersecurity action
plan:
1. Conduct an inventory of all data you have.
2. Once you've identified your data, keep a record of its location
and move it to more appropriate locations as needed.
3. Develop a privacy policy.
4. Protect data collected on the Internet.
5. Create layers of security.
6. Plan for data loss or theft.
QUESTIONS AND COMMENTS
Any questions or experiences to share with the group before we move on
to the next item on the agenda?
AGENDA FOR TODAY
1. Scams and fraud
2. Data security – Developing an Action plan
3. Cybersecurity Tips
4. Resources
CYBERSECURITY TIPS
1. Don’t ever say “It won’t happen to me.”
2. Train employees in security principles.
Establish basic security practices and policies for employees,
such as requiring strong passwords, and establish appropriate
Internet use guidelines that detail penalties for violating
company cybersecurity policies. Establish rules of behavior
describing how to handle and protect customer information and
other vital data.
3. Always be careful when clicking on attachments or links
in email.
If it’s unexpected or suspicious for any reason, don’t click on it.
Double check the URL of the website the link takes you to; bad
actors will often take advantage of spelling mistakes to direct
you to a harmful domain.
CYBERSECURITY TIPS (CONTINUED)
4. Watch what you’re sharing on social networks.
Criminals can befriend you and easily gain access to a shocking
amount of information—where you go to school, where you
work, when you’re on vacation—that could help them gain
access to more valuable data.
5. Offline, be wary of social engineering, where someone
attempts to gain information from you through
manipulation.
If someone calls or emails you asking for sensitive information,
it’s okay to say no. You can always call the company directly to
verify credentials before giving out any information.
CYBERSECURITY TIPS (CONTINUED)
6. Protect information, computers, and networks
from cyber attacks.
Keep clean machines: having the latest security software, web
browser, and operating system are the best defenses against
viruses, malware, and other online threats. Set antivirus software
to run a scan after each update. Install other key software
updates as soon as they are available.
7. Provide firewall security for your Internet connection.
A firewall is a set of related programs that prevent outsiders
from accessing data on a private network. Make sure the
operating system’s firewall is enabled or install free firewall
software available online. If employees work from home, ensure
that their home systems are protected by a firewall.
CYBERSECURITY TIPS (CONTINUED)
8. Create a mobile device action plan.
Mobile devices can create significant security
and management challenges, especially if they hold confidential
information or can access the corporate network. Require users
to password protect their devices, encrypt their data, and install
security apps to prevent criminals from stealing information
while the phone is on public networks. Be sure to set reporting
procedures for lost or stolen equipment.
9. Make backup copies of important business data and
information.
Regularly back up the data on all computers. Critical data
includes word processing documents, electronic spreadsheets,
databases, financial files, human resources files, and accounts
receivable/payable files. Back up data automatically if possible, or
at least weekly, and store the copies either offsite or in the
cloud.
CYBERSECURITY TIPS (CONTINUED)
10. Control physical access to your computers and
create user accounts for each employee.
Prevent access or use of business computers by unauthorized
individuals. Laptops can be particularly easy targets for theft or
can be lost, so lock them up when unattended. Make sure a
separate user account is created for each employee and require
strong passwords. Administrative privileges should only be given
to trusted IT staff and key personnel.
11. Secure your Wi-Fi networks.
If you have a Wi-Fi network for your workplace, make sure it is
secure, encrypted, and hidden. To hide your Wi-Fi network, set
up your wireless access point or router so it does not broadcast
the network name, known as the Service Set Identifier (SSID).
Password protect access to the router.
CYBERSECURITY TIPS (CONTINUED)
12. Employ best practices on payment cards.
Work with banks or processors to ensure the most trusted and
validated tools and anti-fraud services are being used. You may
also have additional security obligations pursuant to agreements
with your bank or processor. Isolate payment systems from
other, less secure programs and don’t use the same computer to
process payments and surf the Internet.
13. Limit employee access to data and information, and
limit authority to install software.
Do not provide any one employee with access to all data
systems. Employees should only be given access to the specific
data systems that they need for their jobs, and should not be
able to install any software without permission.
CYBERSECURITY TIPS (CONTINUED)
14. Passwords and authentication.
Require employees to use unique passwords and change
passwords every three months. Consider implementing
multifactor authentication that requires additional information
beyond a password to gain entry. Check with your vendors that
handle sensitive data, especially financial institutions, to see if
they offer multifactor authentication for your account.
15. Be sure to monitor your accounts for any suspicious
activity.
If you see something unfamiliar, it could be a sign that you’ve
been compromised.
CYBERSECURITY TIPS (CONTINUED)
16. Identify a senior-level employee or qualified third
party to lead your firm’s cybersecurity program.
17. Examine your insurance policies to ensure adequate
cyber coverage levels.
HOW CAN GPP HELP YOU?
Don’t feel as though you need to come up with cyber strategies on
your own. We are experienced in providing comments on control
related matters to management. In addition, as a member of the
BDO Alliance USA, we have access to resources that can help your
organization as you navigate the cybersecurity risk and compliance
landscape, including:
• Guidance on conducting a cyber risk assessment
• How to take inventory of your sensitive information
• Develop and implement an incident response plan
RESOURCES, REFERENCES AND CREDITS
1. Federal Communications Commission (FCC)
i. https://www.fcc.gov/cyberplanner
ii. https://apps.fcc.gov/edocs_public/attachmatch/DOC-343096A1.pdf
iii. https://apps.fcc.gov/edocs_public/attachmatch/DOC-306595A1.pdf
2. 2017 Verizon Data Breach Investigations Report (DBIR)
http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/
QUESTIONS AND COMMENTS?
André Nel
(214)-635-2607
anel@gppcpa.com
If you have any questions please
feel free to contact André Nel
at:
(214)-635-2607
anel@gppcpa.com

Mais conteúdo relacionado

Mais procurados

Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Information Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & ResponsibilitiesInformation Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & ResponsibilitiesKroll
 
8 - Securing Info Systems
8 - Securing Info Systems8 - Securing Info Systems
8 - Securing Info SystemsHemant Nagwekar
 
Best Practices For Information Security Management 2011
Best Practices For Information Security Management 2011Best Practices For Information Security Management 2011
Best Practices For Information Security Management 2011Tony Richardson CISSP
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and youArt Ocain
 
Cybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity lawsCybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity lawsBryan Len
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...centralohioissa
 
Network security
Network securityNetwork security
Network securitymena kaheel
 
Using international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber securityUsing international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber securityIT Governance Ltd
 
Cybersecurity tips for employees
Cybersecurity tips for employeesCybersecurity tips for employees
Cybersecurity tips for employeesPriscila Bernardes
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technicalStephen Cobb
 
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...PECB
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamMohammed Adam
 
Information security / Cyber Security ppt
Information security / Cyber Security pptInformation security / Cyber Security ppt
Information security / Cyber Security pptGryffin EJ
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...Michael Noel
 

Mais procurados (20)

Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays world
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
Information Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & ResponsibilitiesInformation Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & Responsibilities
 
8 - Securing Info Systems
8 - Securing Info Systems8 - Securing Info Systems
8 - Securing Info Systems
 
Best Practices For Information Security Management 2011
Best Practices For Information Security Management 2011Best Practices For Information Security Management 2011
Best Practices For Information Security Management 2011
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and you
 
Cybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity lawsCybersecurity training seminars, courses, cybersecurity laws
Cybersecurity training seminars, courses, cybersecurity laws
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
 
Network security
Network securityNetwork security
Network security
 
Using international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber securityUsing international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber security
 
Cybersecurity tips for employees
Cybersecurity tips for employeesCybersecurity tips for employees
Cybersecurity tips for employees
 
Chapter 8 securing information systems MIS
Chapter 8 securing information systems MISChapter 8 securing information systems MIS
Chapter 8 securing information systems MIS
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technical
 
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by Adam
 
Information security / Cyber Security ppt
Information security / Cyber Security pptInformation security / Cyber Security ppt
Information security / Cyber Security ppt
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
 

Semelhante a Cybersecurity Guide for CFOs

1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
Small Business Administration Recommendations
Small Business Administration RecommendationsSmall Business Administration Recommendations
Small Business Administration RecommendationsMeg Weber
 
How to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfHow to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfV2Infotech1
 
How to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxHow to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxV2Infotech1
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight BackMTG IT Professionals
 
2014 ota databreach3
2014 ota databreach32014 ota databreach3
2014 ota databreach3Meg Weber
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Bridging the Data Security Gap
Bridging the Data Security GapBridging the Data Security Gap
Bridging the Data Security Gapxband
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataAccellis Technology Group
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security SeminarJeremy Quadri
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial PlannersMichael O'Phelan
 
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...cyberprosocial
 
Gain Visibility & Control of IT Assets in a Perimeterless World
Gain Visibility & Control of IT Assets in a Perimeterless WorldGain Visibility & Control of IT Assets in a Perimeterless World
Gain Visibility & Control of IT Assets in a Perimeterless WorldQualys
 
Security and privacy in cloud computing.pptx
Security and privacy in cloud computing.pptxSecurity and privacy in cloud computing.pptx
Security and privacy in cloud computing.pptxTRSrinidi
 
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdfWhat Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdfSecureCurve
 
FCC Guidelines on Cyber Security
FCC Guidelines on Cyber SecurityFCC Guidelines on Cyber Security
FCC Guidelines on Cyber SecurityMeg Weber
 
IRJET- Data Leak Prevention System: A Survey
IRJET-  	  Data Leak Prevention System: A SurveyIRJET-  	  Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET Journal
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...David Menken
 

Semelhante a Cybersecurity Guide for CFOs (20)

1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
 
Are you the next target?
Are you the next target?Are you the next target?
Are you the next target?
 
Small Business Administration Recommendations
Small Business Administration RecommendationsSmall Business Administration Recommendations
Small Business Administration Recommendations
 
How to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfHow to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdf
 
How to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxHow to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptx
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back
 
2014 ota databreach3
2014 ota databreach32014 ota databreach3
2014 ota databreach3
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security Basics
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
Bridging the Data Security Gap
Bridging the Data Security GapBridging the Data Security Gap
Bridging the Data Security Gap
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial Planners
 
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
 
Gain Visibility & Control of IT Assets in a Perimeterless World
Gain Visibility & Control of IT Assets in a Perimeterless WorldGain Visibility & Control of IT Assets in a Perimeterless World
Gain Visibility & Control of IT Assets in a Perimeterless World
 
Security and privacy in cloud computing.pptx
Security and privacy in cloud computing.pptxSecurity and privacy in cloud computing.pptx
Security and privacy in cloud computing.pptx
 
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdfWhat Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
 
FCC Guidelines on Cyber Security
FCC Guidelines on Cyber SecurityFCC Guidelines on Cyber Security
FCC Guidelines on Cyber Security
 
IRJET- Data Leak Prevention System: A Survey
IRJET-  	  Data Leak Prevention System: A SurveyIRJET-  	  Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
 

Mais de gppcpa

The Hazards of Unpaid Payroll Taxes
The Hazards of Unpaid Payroll TaxesThe Hazards of Unpaid Payroll Taxes
The Hazards of Unpaid Payroll Taxesgppcpa
 
CFO Half-Day Conference
CFO Half-Day ConferenceCFO Half-Day Conference
CFO Half-Day Conferencegppcpa
 
Blockchain and Cybersecurity
Blockchain and Cybersecurity Blockchain and Cybersecurity
Blockchain and Cybersecurity gppcpa
 
Surviving a Refundable Credit Due Diligence Audit
Surviving a Refundable Credit Due Diligence AuditSurviving a Refundable Credit Due Diligence Audit
Surviving a Refundable Credit Due Diligence Auditgppcpa
 
Build Homes, Not Your Tax Bills: How the new tax law impacts home builders
Build Homes, Not Your Tax Bills: How the new tax law impacts home buildersBuild Homes, Not Your Tax Bills: How the new tax law impacts home builders
Build Homes, Not Your Tax Bills: How the new tax law impacts home buildersgppcpa
 
The IRS Passport Revocation For Unpaid Taxes: A Primer
The IRS Passport Revocation For Unpaid Taxes: A PrimerThe IRS Passport Revocation For Unpaid Taxes: A Primer
The IRS Passport Revocation For Unpaid Taxes: A Primergppcpa
 
The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...
The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...
The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...gppcpa
 
Tax Reform Update for Businesses and Individuals
Tax Reform Update for Businesses and IndividualsTax Reform Update for Businesses and Individuals
Tax Reform Update for Businesses and Individualsgppcpa
 
The New Tax Law: Here's What You Should Know
Cybersecurity Guide for CFOs

  • 1. A Cybersecurity Planning Guide for CFOs Scams & Fraud, Developing a Plan, Tips, and Resources Presented by André Nel, CPA 1
  • 2. WHY IS DATA SECURITY CRITICAL? Theft of digital information has become the most commonly reported fraud, surpassing physical theft. Customer and client information, payment information, personal files, bank account details - all of this information is often impossible to replace if lost, and dangerous in the hands of criminals. Data lost due to disasters, such as a flood or fire, is devastating, but losing it to hackers or a malware infection can have far greater consequences. How you handle and protect your data is central to the security of your business and the privacy expectations of customers, employees and partners. Things have changed! Page 2
  • 3. AGENDA FOR TODAY 1. Scams and Fraud 2. Data Security – Developing an Action Plan 3. Cybersecurity Tips 4. Resources Page 3
  • 4. SCAMS AND FRAUD New ways are developed by cyber criminals every day to victimize your businesses, scam your customers, hurt your reputation and hold you at ransom. The 2017 Verizon Data Breach Investigations Report (DBIR) included the following summaries: Page 4
  • 5. SCAMS AND FRAUD (CONTINUED) If you haven’t suffered a data breach you’ve either been incredibly well prepared, or very, very lucky. Are you incredibly well prepared? Page 5
  • 6. WHAT ARE SOME OF THE MAIN CYBER SCAMS TODAY? Knowing which incident patterns affect your industry more often than others provides a building block for allocating cybersecurity resources. These nine incident patterns have been identified in the DBIR: 1. Insider and privilege misuse – trusted actors leveraging logical and/or physical access in an inappropriate or malicious manner. 2. Cyber-espionage – targeted attacks from external actors hunting for sensitive internal data and trade secrets. 3. Web application attacks – web-application-related stolen credentials or vulnerability exploits. 4. Crimeware – malware incidents, typically opportunistic and financially motivated in nature (e.g., banking Trojans, ransomware). Page 6
  • 7. WHAT ARE SOME OF THE MAIN CYBER SCAMS TODAY? (CONTINUED) 5. Point-of-sale (POS) intrusions – attacks on POS environments leading to payment card data disclosure. 6. Denial of service (DoS) attacks – non-breach related attacks affecting business operations. 7. Payment card skimmers – physical tampering of ATMs and fuel-pump terminals. 8. Physical theft and loss – physical loss or theft of data or IT-related assets. 9. Miscellaneous errors – an error directly causing data loss. Page 7
  • 8. QUESTIONS AND COMMENTS Any questions or experiences to share with the group before we move on to the next item on the agenda? Page 8
  • 9. AGENDA FOR TODAY 1. Scams and fraud 2. Data security – Developing an Action plan 3. Cybersecurity Tips 4. Resources Page 9
  • 10. CYBER SECURITY ACTION PLAN The six steps in developing your cybersecurity action plan: 1. Conduct an inventory of all data you have. 2. Once you've identified your data, keep a record of its location and move it to more appropriate locations as needed. 3. Develop a privacy policy. 4. Protect data collected on the Internet. 5. Create layers of security. 6. Plan for data loss or theft. Page 10
  • 11. STEP 1 – CONDUCT AN INVENTORY OF ALL DATA 1. What kind of data do you have in your business? • Customer data • Employee information • Proprietary and sensitive business information 2. How is that data handled and protected? • Where is this data stored? • What happens when the data is used or moved to a different location? 3. Who has access to that data? • Who has rights to access that data? • How will the access privileges be managed? Page 11
  • 12. STEP 2 - KEEP A RECORD OF WHERE DATA IS LOCATED Record the location of data. Keep in mind that the same data could be located in more than one location. 1. Location could include: • Local or desktop computer • Central file server • Cloud • Mobile devices such as USB memory stick • Smartphones 2. Consider moving it to a more appropriate location. Page 12
  • 13. STEP 3 – DEVELOP A PRIVACY POLICY Your privacy policy is a pledge to your customers that you will use and protect their information in ways that they expect and that adhere to your legal obligations. 1. Create your privacy policy with care. 2. Growing number of regulations protecting customer and employee privacy. • There are costly penalties if you do not comply • You will be held accountable for what you claim and offer in your policy 3. Share your policy, rules and expectations with all employees. • There is a growing trend to post privacy policies on company websites 4. Policy should address the following types of data: • Personally Identifiable information • Personal Health Information • Customer Information Page 13
  • 14. STEP 4 – PROTECT DATA COLLECTED ON THE INTERNET Your website can be a great place to collect information, but that comes with a responsibility to protect that data. 1. Data collected can include: • Transactions and payment information • Newsletter sign-ups • Online inquiries • Customer requests or orders 2. Data collected from your website can be stored in different places. • When you host your own website, it may be stored on your own servers • When hosted by a third party be sure that party protects that data fully 3. That protection includes protection from: • Hackers and outsiders • Employees of the hosting company Page 14
  • 15. STEP 5 – CREATE LAYERS OF SECURITY The idea of layering security is simple: You cannot and should not rely on just one security mechanism – such as a password – to protect something sensitive. If that security mechanism fails, you have nothing left to protect you. 1. Classify your data: • HIGHLY CONFIDENTIAL • SENSITIVE • INTERNAL USE ONLY 2. Control access to your data. 3. Secure your data: • Passwords – Random, complex and long • Encryption 4. Back up your data. • Put a policy in place that specifies what data is backed up, how often, who is responsible, how and where backups are stored and who has access. • Physical media used to store data is vulnerable, so make sure it is encrypted. Page 15
  • 16. STEP 6 – PLAN FOR DATA RECOVERY AFTER A LOSS OR THEFT Plan for the unexpected, including the loss or theft of data. 1. Be prepared for a rapid and coordinated response to any loss or theft of data. 2. Employees and contractors should understand that they should report any loss or theft to the appropriate company official. 3. Test your data recovery from backup systems on a regular basis. Page 16
  • 17. CYBER SECURITY ACTION PLAN Let’s recap the six steps in developing your cybersecurity action plan: 1. Conduct an inventory of all data you have. 2. Once you've identified your data, keep a record of its location and move it to more appropriate locations as needed. 3. Develop a privacy policy. 4. Protect data collected on the Internet. 5. Create layers of security. 6. Plan for data loss or theft. Page 17
  • 18. QUESTIONS AND COMMENTS Any questions or experiences to share with the group before we move on to the next item on the agenda? Page 18
  • 19. AGENDA FOR TODAY 1. Scams and 2. Data security – Developing an Action plan 3. Cybersecurity Tips 4. Resources Page 19
  • 20. CYBERSECURITY TIPS 1. Don’t ever say “It won’t happen to me.” 2. Train employees in security principles. Establish basic security practices and policies for employees, such as requiring strong passwords and establishing appropriate Internet use guidelines that detail penalties for violating company cybersecurity policies. Establish rules of behavior describing how to handle and protect customer information and other vital data. 3. Always be careful when clicking on attachments or links in email. If it’s unexpected or suspicious for any reason, don’t click on it. Double check the URL of the website the link takes you to; bad actors will often take advantage of spelling mistakes to direct you to a harmful domain. Page 20
  • 21. CYBERSECURITY TIPS (CONTINUED) 4. Watch what you’re sharing on social networks. Criminals can befriend you and easily gain access to a shocking amount of information—where you go to school, where you work, when you’re on vacation—that could help them gain access to more valuable data. 5. Offline, be wary of social engineering, where someone attempts to gain information from you through manipulation. If someone calls or emails you asking for sensitive information, it’s okay to say no. You can always call the company directly to verify credentials before giving out any information. Page 21
  • 22. CYBERSECURITY TIPS (CONTINUED) 6. Protect information, computers, and networks from cyber attacks. Keep clean machines: having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats. Set antivirus software to run a scan after each update. Install other key software updates as soon as they are available. 7. Provide firewall security for your Internet connection. A firewall is a set of related programs that prevent outsiders from accessing data on a private network. Make sure the operating system’s firewall is enabled or install free firewall software available online. If employees work from home, ensure that their home systems are protected by a firewall. Page 22
  • 23. CYBERSECURITY TIPS (CONTINUED) 8. Create a mobile device action plan. Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network. Require users to password protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks. Be sure to set reporting procedures for lost or stolen equipment. 9. Make backup copies of important business data and information. Regularly back up the data on all computers. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Back up data automatically if possible, or at least weekly, and store the copies either offsite or in the cloud. Page 23
  • 24. CYBERSECURITY TIPS (CONTINUED) 10. Control physical access to your computers and create user accounts for each employee. Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended. Make sure a separate user account is created for each employee and require strong passwords. Administrative privileges should only be given to trusted IT staff and key personnel. 11. Secure your Wi-Fi networks. If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router. Page 24
  • 25. CYBERSECURITY TIPS (CONTINUED) 12. Employ best practices on payment cards. Work with banks or processors to ensure the most trusted and validated tools and anti-fraud services are being used. You may also have additional security obligations pursuant to agreements with your bank or processor. Isolate payment systems from other, less secure programs and don’t use the same computer to process payments and surf the Internet. 13. Limit employee access to data and information, and limit authority to install software. Do not provide any one employee with access to all data systems. Employees should only be given access to the specific data systems that they need for their jobs, and should not be able to install any software without permission. Page 25
  • 26. CYBERSECURITY TIPS (CONTINUED) 14. Passwords and authentication. Require employees to use unique passwords and change passwords every three months. Consider implementing multifactor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multifactor authentication for your account. 15. Be sure to monitor your accounts for any suspicious activity. If you see something unfamiliar, it could be a sign that you’ve been compromised. Page 26
  • 27. CYBERSECURITY TIPS (CONTINUED) 16. Identify a senior-level employee or qualified third party to lead your firm’s cybersecurity program. 17. Examine your insurance policies to ensure adequate cyber coverage levels. Page 27
  • 28. HOW CAN GPP HELP YOU? Don’t feel as though you need to come up with cyber strategies on your own. We are experienced in providing comments on control-related matters to management. In addition, as a member of the BDO Alliance USA, we have access to resources that can help your organization as you navigate the cybersecurity risk and compliance landscape, including: • Guidance on conducting a cyber risk assessment • How to take inventory of your sensitive information • Develop and implement an incident response plan Page 28
  • 29. RESOURCES, REFERENCES AND CREDITS Page 29 1. Federal Communications Commission (FCC) i. https://www.fcc.gov/cyberplanner ii. https://apps.fcc.gov/edocs_public/attachmatch/DOC-343096A1.pdf iii. https://apps.fcc.gov/edocs_public/attachmatch/DOC-306595A1.pdf 2. 2017 Verizon Data Breach Investigations Report (DBIR) http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/
  • 30. QUESTIONS AND COMMENTS? André Nel (214)-635-2607 anel@gppcpa.com Page 30
  • 31. If you have any questions please feel free to contact André Nel at: (214)-635-2607 anel@gppcpa.com