kewho min on cpas & cybersecurity
TRANSCRIPT
CPAS &CYBERSECURITY
BY KEWHO MIN
KEWHOMIN.NET
CPAS HAVE THEIR GUARDS UPREGARDING CYBERSECURITY.THE AMERICAN INSTITUTE OFCPAS (AICPA) HOSTED THEEIGHT-WEEK WEBINAR“CYBERSECURITY FRAUD: WHATCPAS SHOULD KNOW” TOEDUCATE ACCOUNTINGPROFESSIONALS ABOUT AN“EXPANSIVE OVERVIEW OF ALLASPECTS OF CYBER SECURITY.”
Those aspects include discoveringsecurity threats, understanding
security frameworks and makingrisk assessments. The risks these
days are greater when you considerthe prevalence of cloud computing,
mobile devices and social media.
Keeping in mind, too, that just thismonth Yahoo admitted/announcedthat upwards of 500 million email
users accounts had been infiltrated(including passwords and other
security verification information).The company claimed the breach
was a “state-sponsored” hack,although that claim has been met
with some suspicion.
THE WALL STREET JOURNALREPORTED THAT AICPA IS TAKING
ITS BEST PRACTICES WHEN ITCOMES TO CYBERSECURITY ONE
STEP FURTHER. THE NEW MEASUREWILL TARGET AN INCREASINGLY
POPULAR FORM OF FRAUD CALLED“EXECUTIVE IMPERSONATION”
THAT TARGETS EMPLOYEES WITHINORGANIZATIONS.
“THE SCAM INVOLVES AN EMAIL SENTFROM AN EXECUTIVE TO A SUBORDINATEASKING FOR A WIRE TRANSFER ORPAYMENT TO A NEW BANK. THEATTACKERS TEND TO TARGET COMPANIESWITH FOREIGN SUPPLIERS OR UNITS THATREGULARLY PERFORM WIRE TRANSFERSTO FOREIGN BANKS, AND STRIKE WHENEXECUTIVES ARE TRAVELING ANDCANNOT BE REACHED.”-WALL STREET JOURNAL
EMPLOYEES ARE VULNERABLE TO THISKIND OF ATTACK BECAUSE THEY “GET
NERVOUS BY GETTING AN EMAIL FROM THECFO AND THINKING ‘I HAVE TO DO THIS.”
THE AICPA HAS RELEASED A FRAUDREPORT THAT IS “AIMED AT IMPROVING THE
WAY ACCOUNTANTS AND COMPANYMANAGERS DISCLOSE CYBERSECURITY RISK
MANAGEMENT PROGRAMS.”
THERE IS A GROWING DEMAND FOR CPASTO BE INFORMED AND EFFECTIVE WHEN ITCOMES TO FRAUD-PROTECTIVE PROGRAMS.CPAS ARE ON THE BATTLEGROUND TO
ENFORCE CYBERSECURITY ENGAGEMENT.
BYKEWHO MIN
KEWHOMIN.NET