Betrayed from Within: Cherry Bekaert Teams with IDentrix to Deliver Powerful Webinar
Some of the biggest security breaches of our time have come from “malicious insiders” – employees and/or subcontractors with proprietary access to highly sensitive or classified data who then share that data outside their organization. Think Edward Snowden and more recently Harold T. Martin III. However, insider security breaches can happen unintentionally, too. Think the Sony breach, which may have been caused by an employee unknowingly clicking on a link in an email. Unsurprisingly, turnout was high when Cherry Bekaert’s own Susan Moser , Partner, and Neal Beggan , Principal, teamed up with Raj Ananthanpillai, CEO of IDentrix, to deliver a webinar on insider. Read More.
Universities Impacted by Gambling SEO Scheme
Over 70 websites around the globe have been linked to a search engine optimization (“SEO”) gambling scheme. The scheme, discovered by researchers at eTraffic, mostly impacted university sites that were linked in course descriptions to keywords such as “real slot machines.” eTraffic said the SEO scheme was to help push gambling sites up Google’s search rankings and generate more money for online gambling businesses. It’s unknown how the links appeared, but hacking due to the vulnerabilities of blogging plugins is possible. More on the SEO gambling scheme is available on The Verge.
Cybersecurity Risk Management Guidance Proposed
The following exposure drafts have been issued by the American Institute of Certified Public Accountants’ (“AICPA”) Assurance Services Executive Committee, offering guidance for evaluating cyber risk management: Proposed Description Criteria for Management’s Description of an Entity’s Cybersecurity Risk Management Program (“Description Criteria”). This exposure draft is intended for a company’s management when developing and describing its organization’s cybersecurity risk management program, and by public accounting firms for reporting the description of the program. The AICPA hopes developing a conventional set of criteria will clear the path for a cybersecurity examination to assist in evaluating the efficiency of an organization’s cybersecurity. Read More.
Nonprofits Working to Address Cybersecurity
A Ponemon Institute report has predicted an 82 percent rise in cyber-attacks over the next several years. The increased threat of security breaches may affect the economy and organizations in every industry, especially nonprofits. A nonprofit’s reputation and ability to raise money could be put at risk, as well as cause its donors to lose trust. Consequently, fulfillment of the organization’s mission may be jeopardized. To safeguard against cyber crimes and protect their best interests, nonprofits should make updates to current policies and processes to better manage information security. Preparation involves a risk assessment of the organization’s information technology environment, including external data. Read More.
AICPA Establishes Cybersecurity Resource Center
To help Certified Public Accountants manage cybersecurity risks among their clients and organizations, the American Institute of Certified Public Accountants (“AICPA”) has launched the Cybersecurity Resource Center. This new initiative aims to position CPAs as leaders that can share their expertise and provide advisory and assurance services focused on addressing risks linked to cybersecurity. More details on the Cybersecurity Resource Center can be found on the AICPA Web site.
SEC’s 2016 Examination Priorities Announced
As part of its priorities for this year, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) plans to concentrate on existing initiatives and new areas of focus. Announced on January 11th , the OCIE’s 2016 priorities include continuing to protect investors in various risk areas like cybersecurity and fee selection. As for new focus areas, the OCIE will address matters concerning liquidity controls, public pension advisers, product promotion, exchange-traded funds and variable annuities.