Print Friendly, PDF & Email


October is National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month

Held every October, National Cybersecurity Awareness Month (NCSAM) is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. The Business & IT Security practice at AAFCPAs has published the following insights recently to outline the most common vulnerabilities and how to mitigate risks: IT Security Vulnerabilities... continue reading

IT Security Vulnerabilities Caused by Web Applications

Custom business applications are increasingly attractive because they allow companies to improve employee and customer user experiences with enhanced flexibility and efficiency. Some custom business app platforms tout that “creating your own custom apps is easy, even if your programming knowledge is non-existent.” However, this ease and accessibility can lead to unanticipated security vulnerabilities. According to Impervia, in 2018, web application security vulnerabilities increased by 23% from 2017 and by... continue reading

Internet of Things (IoT) and Cyber Security

What Is IoT And How Do Hackers Infiltrate Your Devices? An increasing number of companies are installing Internet of Things (IoT) devices on their networks. IoT devices are typically “black box” devices, the inner workings of which are unknown to most users. For example, HVAC systems, smart fridges, computer printers, and even cars can contain IoT-enabled technology that connects through WiFi or cellular and therefore can be considered IoT devices.... continue reading

Configuration & Application Vulnerabilities in Cyber & IT Security

Despite the best efforts of IT teams, organizations continue to be plagued with IT security vulnerabilities in their systems by both internal and external threats. The most common vulnerabilities are poor configurations and outdated/unpatched systems or applications. These vulnerabilities may subject your organization to the risk of hackers gaining access to sensitive employee or client data. What are Countermeasures/Prevention Techniques? Change Management Organizations must establish and document their process for... continue reading

Eye on Cyber: A Day in the Life of an Ethical Hacker

Listen to Podcasts:   “Innovation, organization, and sophistication—these are the tools of cyber attackers as they work harder and more efficiently to uncover new vulnerabilities,” reports Symantec in their 2018 Internet Security Threat Report. Ethical hacking services are a great way for organizations to unearth security weaknesses before they can be exploited by online criminals. In this instructive session, AAFCPAs’ IT Security professionals James Jumes and Vassilis Kontoglis go behind the disguise with our... continue reading

Common Social Engineering Cyber Attacks and Prevention Strategies

What is Social Engineering & what are the risks? The human component of cyber security is the weakest link in protecting your organization against external threats. Recently, social engineering attacks have become the most prevalent type of threat within reported cyber breaches. Social engineering is a malicious activity in which bad actors produce items such as false emails with the intent to persuade the recipient to unwittingly perform an action;... continue reading

AAFCPAs’ Mr. Anderson Earns Certified Ethical Hacker Credential

AAFCPAs’ Mr. Anderson Earns Certified Ethical Hacker Credential

AAFCPAs’ “white hat” ethical security hacker and business continuity advisor, Mr. Anderson has been awarded the Certified Ethical Hacker (CEH) credential issued by the International Council of E-Commerce Consultants (EC-Council). Mr. Anderson was awarded the CEH credential in recognition of his earned expertise in understanding how to uncover weaknesses and vulnerabilities in target systems and use the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess... continue reading

Year in review: The Top 10 Insights from 2018

Year in review: The Top 10 Insights from 2018

2018 was a big year for finance professionals, with monumental changes in tax code & accounting rules, and other significant challenges & opportunities affecting commercial businesses, nonprofits, and individuals & their families.  Below are AAFCPAs’ most widely-read news alerts & insights in the past year: AAFCPAs’ 2018-2019 Tax Planning Guide for Businesses & Individuals Financial and Estate Planning Opportunities Related to the New Tax Law Whitepaper: Guidance on the New... continue reading

AAFCPAs to Present Workshop on Internal Controls & IT Countermeasures to Mitigate Risks

AAFCPAs’ Vassilis Kontoglis and David Kelleher will present an educational workshop on Best Practices in Internal Controls and IT Security to assist in mitigating risk at The Massachusetts Association of Early Education & Care (MADCA) Administration and Management Conference, in Worcester, MA on November 28th. Risk Management requires continuous improvement, and organizations must stay vigilant, and learn & adapt over time. In this interactive session, AAFCPAs will highlight critical risk... continue reading

AAFCPAs Wealth Management Advises Clients to Pursue Lines of Defense in Protecting Your Credit

AAFCPAs Wealth Management Advises Clients to Pursue Lines of Defense in Protecting Your Credit

Approximately 1 in 2 Americans had their personal information compromised as a result of a 2017 data breach at Equifax, and as a result are now at an increased risk for identify theft and financial fraud. Identify theft is an increasing problem for all people. In response, Congress initiated a new credit freeze law protecting consumers. This law went into effect on September 21, 2018. The new federal credit freeze... continue reading