
Why Not Follow Gov. Cuomo's Lead on Information Security Protection

Posted by William Prohn, CISSP, CISA, CGEIT, CRISC

Dec 8, 2016 4:07:00 PM

In mid-September, the New York State Department of Financial Services issued a press release stating, "Governor Andrew M. Cuomo today announced that a new first-in-the-nation regulation has been proposed to protect New York State from the ever-growing threat of cyber-attacks. The regulation requires banks, insurance companies, and other financial services institutions regulated by the State Department of Financial Services to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York State’s financial services industry.


Topics: Information Security, cyber attack, cybersecurity, strategy



A Role You Should Not Ignore-- Your Role in Cybersecurity

Posted by William Prohn, CISSP, CISA, CGEIT, CRISC

Aug 2, 2016 12:36:51 PM

Cybersecurity, a popular term due to several statements and Executive Orders from the White House related to Homeland Security issues, is closely related to Information Security. The latter aims to protect items of value (information: personal, corporate and governmental), while the former aims to protect the devices (computers and smartphones) and networks (Internet) which store and transmit the information.


Topics: Information Security, IT, information technology, cyber security, dopkins, cybersecurity, william prohn, risk management



One Phish, Two Phish, Spear Phish…Breach!

Posted by William Prohn, CISSP, CISA, CGEIT, CRISC

May 17, 2016 1:00:00 PM

A Familiar Tale


Topics: Information Security, phishing, data breach, cyber security, phish



Identity Theft, the IRS and You: Protect Thyself Part 2

Posted by Samantha Keller CPA

Aug 14, 2015 11:55:00 AM

IRS Issues IR-2015-99: Warns Taxpayers to Guard Against New Tricks by Scam Artists; Losses Top $20 Million 


Topics: Information Security, identity theft, irs scams



Yes You Do Have One-- A Role in Cyber Security

Posted by William Prohn, CISSP, CISA, CGEIT, CRISC

Aug 6, 2015 1:45:00 PM

Cyber security, a popular term due to several statements and Executive Orders from the White House related to Homeland Security issues, is closely related to Information Security. The latter aims to protect items of value (information: personal, corporate and governmental), while the former aims to protect the devices (computers and smartphones) and networks (Internet) which store and transmit the information.


Topics: Information Security



A Fraud Policy for Your Employee Benefit Plan? You Betcha!

Posted by Brendan P. Brady CPA

Jun 17, 2015 11:21:07 AM

When we are not reading about cyberattacks and information security breaches, occupational fraud/employee fraud is stealing headlines (pun intended).


Topics: Information Security, internal controls, employee benefit plan, employee fraud, occupational fraud, Fraud Prevention, Fraud awareness, risk assessment, fiduciary responsibility, fraud policy



Fraud Awareness & Prevention: Access Control

Posted by William Prohn, CISSP, CISA, CGEIT, CRISC

May 29, 2015 10:56:00 AM

Let's consider the following scenario: Your organization enforces mandatory vacations in an effort to prevent occupational fraud. A current employee is perpetrating a fraud scheme involving a fictitious employee and must access your accounting system bi-weekly to continue the fraudulent activity. Unfortunately for you, employees are allowed to work from home and the fraudster in question simply logs in after-hours and performs the necessary steps to maintain his/her scheme. 

This scenario highlights the importance of IT controls, as we see that the fraudster was able to circumvent the organization's anti-fraud efforts by taking advantage of a weakness in the IT control environment.


Topics: Information Security, information technology, fraud, forensics, Monitoring, Fraud Prevention, Logging, Access Control, IT Controls, Fraud awareness, Fraud Investigation, Fraud Detection, Administrators



The Home Depot Breach: Lessons for Business Owners and Consumers

Posted by William Prohn, CISSP, CISA, CGEIT, CRISC

Sep 12, 2014 3:00:00 PM


The U.S. is still waiting to determine the scale of the recent credit card breach at Home Depot, but there are already key takeaways for business owners and consumers. While this blog references Home Depot, it is equally relevant to the numerous breaches we have seen over the past year and the inevitable breaches yet to occur.


Topics: Information Security, data breach, cyber security, security tips, chip and PIN, debit card breach, credit card breach, cyber insurance



Small businesses at high risk for data breach

Posted by William Prohn, CISSP, CISA, CGEIT, CRISC

Jul 22, 2014 10:06:41 AM

This article, from the LA Times, reports on some of the security risks faced by small businesses, including safeguarding their backups and customer credit card info.


Topics: Information Security, cyberattack, identity theft, information security risks, data breach, cyber security



Lessons from Target

Posted by William Prohn, CISSP, CISA, CGEIT, CRISC

Apr 1, 2014 9:20:03 AM

Much has been written and heard about the “great Target breach,” but most of it is targeted (sorry!) at those involved in the event and much less is aimed at the lessons that all businesses can learn from this. Here areas:


Topics: Information Security, IT, information technology




