Print Friendly, PDF & Email


October is National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month

Held every October, National Cybersecurity Awareness Month (NCSAM) is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. The Business & IT Security practice at AAFCPAs has published the following insights recently to outline the most common vulnerabilities and how to mitigate risks: IT Security Vulnerabilities... continue reading

IT Security Vulnerabilities Caused by Web Applications

Custom business applications are increasingly attractive because they allow companies to improve employee and customer user experiences with enhanced flexibility and efficiency. Some custom business app platforms tout that “creating your own custom apps is easy, even if your programming knowledge is non-existent.” However, this ease and accessibility can lead to unanticipated security vulnerabilities. According to Impervia, in 2018, web application security vulnerabilities increased by 23% from 2017 and by... continue reading

Internet of Things (IoT) and Cyber Security

What Is IoT And How Do Hackers Infiltrate Your Devices? An increasing number of companies are installing Internet of Things (IoT) devices on their networks. IoT devices are typically “black box” devices, the inner workings of which are unknown to most users. For example, HVAC systems, smart fridges, computer printers, and even cars can contain IoT-enabled technology that connects through WiFi or cellular and therefore can be considered IoT devices.... continue reading

Configuration & Application Vulnerabilities in Cyber & IT Security

Despite the best efforts of IT teams, organizations continue to be plagued with IT security vulnerabilities in their systems by both internal and external threats. The most common vulnerabilities are poor configurations and outdated/unpatched systems or applications. These vulnerabilities may subject your organization to the risk of hackers gaining access to sensitive employee or client data. What are Countermeasures/Prevention Techniques? Change Management Organizations must establish and document their process for... continue reading

Eye on Cyber: A Day in the Life of an Ethical Hacker

Listen to Podcasts:   “Innovation, organization, and sophistication—these are the tools of cyber attackers as they work harder and more efficiently to uncover new vulnerabilities,” reports Symantec in their 2018 Internet Security Threat Report. Ethical hacking services are a great way for organizations to unearth security weaknesses before they can be exploited by online criminals. In this instructive session, AAFCPAs’ IT Security professionals James Jumes and Vassilis Kontoglis go behind the disguise with our... continue reading

Common Social Engineering Cyber Attacks and Prevention Strategies

What is Social Engineering & what are the risks? The human component of cyber security is the weakest link in protecting your organization against external threats. Recently, social engineering attacks have become the most prevalent type of threat within reported cyber breaches. Social engineering is a malicious activity in which bad actors produce items such as false emails with the intent to persuade the recipient to unwittingly perform an action;... continue reading

AAFCPAs to Present Workshop on Internal Controls & IT Countermeasures to Mitigate Risks

AAFCPAs’ Vassilis Kontoglis and David Kelleher will present an educational workshop on Best Practices in Internal Controls and IT Security to assist in mitigating risk at The Massachusetts Association of Early Education & Care (MADCA) Administration and Management Conference, in Worcester, MA on November 28th. Risk Management requires continuous improvement, and organizations must stay vigilant, and learn & adapt over time. In this interactive session, AAFCPAs will highlight critical risk... continue reading

People, Processes and Technology, the Three-Legged Stool: AAFCPAs to Lead MNN Educational Workshop

AAFCPAs’ Partner Janice O’Reilly, CPA, CGMA and Manager Dawn Pantano, CPA, CITP will present a timely, educational workshop at the Massachusetts Nonprofit Network’s 2018 Annual Conference in Framingham, MA on October 10th on the topic of right-sizing the modern finance function. Nonprofit finance departments are often juggling the day-to-day accounting and bookkeeping responsibilities alongside more complex and time consuming tasks, such as: HR-related activities; maintaining compliance; optimizing revenue; mergers &... continue reading

Educational Podcast: Cybersecurity in 2018

Educational Podcast: Cybersecurity in 2018

Listen to Podcast Click here to listen to podcast or use the above media player. Techniques of cyber-criminals continue to evolve. A recent study shared by InfoSecurity Magazine reports “Cyber-criminals have adopted an organizational shift in how they carry out their work, implementing corporate best practices and establishing professional businesses to increase the efficiency of their attacks against enterprises and consumers.” This means advanced persistent threats specifically targeted at your organization and... continue reading

AAFCPAs to Lead System and Organization Controls (SOC) Reporting Forum for PrimeGlobal, National CPA Firm Association

AAFCPAs’ James Jumes, MBA, M. Ed has been selected to lead the North American System and Organization Controls (SOC) Reporting Special Interest Group (SIG) for PrimeGlobal, an international association of independent accounting firms. James is uniquely qualified to lead this national SIG, which will serve as a forum for peers to share their interpretations and implementations of these complex attestation standards (Standards for Attestation Engagements No. 18 “SSAEs 18”), as well as... continue reading