Risk Advisory
Tax Season Brings Rise in Cyber Crime
Cybercriminals are looking for ways to capitalize on tax season, with scams on the rise as businesses and individuals prepare to file returns. This means the simple act of opening an email or answering a call could put you at risk of identity theft or return preparer fraud. Making matters worse is a rise in […]
How to Right-Size Cybersecurity to Fit the Small Nonprofit
Organizations rely on technology for communicating, managing our work, assisting us in making accurate and timely decisions, assisting customers, and staying in the know wherever we go. But along with this comes a mounting risk of data breach. Particularly susceptible are small nonprofit organizations with fewer technical safeguards, outdated security protocols, and modest IT budgets. […]
October Designated National Cybersecurity Awareness Month
October kicks off National Cybersecurity Awareness Month (NCSAM), which is dedicated to raising public awareness on the importance of cybersecurity. Launched in 2004 by the U.S. federal government, NCSAM aims to encourage businesses and individuals to investigate potential risk along with strategies to improve the security of critical infrastructure. Where To Start The threat landscape […]
FQHCs Prepare for National Cybersecurity Awareness Month
FQHCs are faced with an ever-shifting cybersecurity landscape due to emerging technologies and shifting internal and cloud vulnerabilities. Adding to this are regulations designed to keep pace as well as the data (health and personally identifiable) that live through their systems. The U.S. federal government has designated October as National Cybersecurity Awareness Month (NCSAM). AAFCPAs […]
Cyrillic Characters Used in Cyber Attacks
Recent reports show hackers substituting Roman alphabet with Cyrillic alphabet characters to deceive recipients. In their article “Real or Imposter? Everything You Need to Know About ‘Homoglyph’ Phishing”, CISO MAG describes this tactic, known as The Internationalized Domain Name (IDN) homoglyph attack, as “a deception technique that uses homoglyphs or homographs, in which an attacker […]
Securing Your IT Infrastructure & Creating Resiliency
IT infrastructure is the combination of hardware, software, communications, data centers/hosting services, and human resources that allow an organization to deliver information technology services to its constituent communities. IT resiliency refers to an organization’s ability to avoid or minimize business disruption when the IT Infrastructure is challenged by planned or unplanned events. IT resiliency is […]
AAFCPAs Recommends Common Sense Precautions After Spoofed Email
AAFCPAs was recently informed that one of its email accounts had been spoofed, i.e., an outside party impersonated the company while sending spam. Consequently, some individuals may have received an email that appeared authentic but contained inappropriate or spam-like content or promoted products or services that we do not sell. We want to assure you […]
SV Bank Crisis Has Businesses Hyper Focused on Cash Management
Regulators shut down Silicon Valley Bank (SVB) on March 10th (Friday), in the largest U.S. bank failure since the 2008 financial crisis. The failure was attributed to a run on the bank and liquidity issues. On March 12th (Sunday), the Department of the Treasury, Federal Reserve, and FDIC issued a statement announcing actions enabling the FDIC to complete its resolution of SVB in […]
SOC 2 Meets Death Master File Certification Requirements
The System and Organization Controls (SOC) framework may be mapped to achieve requirements of the National Technical Information Service’s (NTIS) Limited Access Death Master File (LADMF) certification. When choosing SOC 2 to achieve your LADMF certification, businesses may also benefit from the marketing value of their SOC 2 attestation, which demonstrates your commitment to access […]