Steven J. Ursillo, Jr., CPA, CISA, CISSP

Title:Partner, Assurance & Advisory Services

Leadership Role:National Leader, Information Assurance & Cybersecurity

Education:Bachelor of Science in Business Administration, Bryant University; Masters of Computer Information Science, Boston University

Designations:CPA, CISA, CISSP

Steve Ursillo

Steve serves as Cherry Bekaert’s National Leader for the Information Assurance & Cybersecurity practice. He specializes in risk management, internal control over financial reporting, information system security, privacy, cyber fraud prevention and detection, security and privacy governance, and IT assurance services.

With more than 20 years of experience, Steve provides a variety of IT audit and security services for his clients across multiple industries. His background and knowledge with risk assurance and advisory engagements include information security readiness, cybersecurity, security and privacy attestation services, third-party assurance including HITRUST, cyber risk assessments, vendor risk assessments, disaster recover reviews, privacy reviews, Service Organizational Control (SOC) reporting including SOC 1, 2 & 3, as well as other types of attestations
and readiness assessments. In the area of information security, Steve’s experience ranges from security consulting and implementation to security assessments involving network and attack and penetration testing.

Steve is a nationally recognized writer and speaker on issues in the forefront of cybersecurity, risk and technology publications. He has delivered numerous presentations for various professional organizations and the public. In addition, Steve has provided end-user security awareness training to several clients’ staff, managers, directors, board members and to the general public. He has also performed live hacking demonstrations on simulation systems including network, wireless, mobile, application and web application attacks.

Professional Involvement

  • American Institute of Certified Public Accountants (AICPA)
  • Service Organization Control (SOC) Task Force, AICPA
  • National Council, Information Management and Technology Assurance Committee (IMTA), AICPA
  • Co-chair, IMTA Cyber Security Task Force, AICPA

Additional Credentials

  • Certified Internal Auditor (CIA)
  • Certified Global Management Accountant (CGMA)
  • Certified Fraud Examiner (CFE)
  • Certified Information Security Manager (CISM)
  • Certified Information Technology Professional (CITP)
  • Certified in Governance and Enterprise IT (CGEIT)
  • Certified in Risk and Information Systems Controls (CRISC)
  • Certified Ethical Hacker (CEH)
  • Certified Common Security Framework Practitioner (CCSFP)