Risk Advisory
October Designated National Cybersecurity Awareness Month
October kicks off National Cybersecurity Awareness Month (NCSAM), which is dedicated to raising public awareness on the importance of cybersecurity. Launched in 2004 by the U.S. federal government, NCSAM aims to encourage businesses and individuals to investigate potential risk along with strategies to improve the security of critical infrastructure. Where To Start The threat landscape […]
FQHCs Prepare for National Cybersecurity Awareness Month
FQHCs are faced with an ever-shifting cybersecurity landscape due to emerging technologies and shifting internal and cloud vulnerabilities. Adding to this are regulations designed to keep pace as well as the data (health and personally identifiable) that live through their systems. The U.S. federal government has designated October as National Cybersecurity Awareness Month (NCSAM). AAFCPAs […]
Cyrillic Characters Used in Cyber Attacks
Recent reports show hackers substituting Roman alphabet with Cyrillic alphabet characters to deceive recipients. In their article “Real or Imposter? Everything You Need to Know About ‘Homoglyph’ Phishing”, CISO MAG describes this tactic, known as The Internationalized Domain Name (IDN) homoglyph attack, as “a deception technique that uses homoglyphs or homographs, in which an attacker […]
Securing Your IT Infrastructure & Creating Resiliency
IT infrastructure is the combination of hardware, software, communications, data centers/hosting services, and human resources that allow an organization to deliver information technology services to its constituent communities. IT resiliency refers to an organization’s ability to avoid or minimize business disruption when the IT Infrastructure is challenged by planned or unplanned events. IT resiliency is […]
AAFCPAs Recommends Common Sense Precautions After Spoofed Email
AAFCPAs was recently informed that one of its email accounts had been spoofed, i.e., an outside party impersonated the company while sending spam. Consequently, some individuals may have received an email that appeared authentic but contained inappropriate or spam-like content or promoted products or services that we do not sell. We want to assure you […]
SV Bank Crisis Has Businesses Hyper Focused on Cash Management
Regulators shut down Silicon Valley Bank (SVB) on March 10th (Friday), in the largest U.S. bank failure since the 2008 financial crisis. The failure was attributed to a run on the bank and liquidity issues. On March 12th (Sunday), the Department of the Treasury, Federal Reserve, and FDIC issued a statement announcing actions enabling the FDIC to complete its resolution of SVB in […]
SOC 2 Meets Death Master File Certification Requirements
The System and Organization Controls (SOC) framework may be mapped to achieve requirements of the National Technical Information Service’s (NTIS) Limited Access Death Master File (LADMF) certification. When choosing SOC 2 to achieve your LADMF certification, businesses may also benefit from the marketing value of their SOC 2 attestation, which demonstrates your commitment to access […]
Live Session: Cybersecurity, April 27
AAFCPAs’ Annual Nonprofit Educational Seminar is Virtual Again in 2022! AAFCPAs is offering a full day of educational content (9am – 3pm) designed to educate, challenge, and inspire nonprofit professionals! As a client and/or friend of AAFCPAs, your registration is complimentary. Reserve your seat.>> Featured Session: Cybersecurity (9:50am – 10:20am) In the rapidly evolving threat […]
Cyberthreats Related to Russia/Ukraine Conflict
AAFCPAs reminds clients to anticipate cyberthreats as the Russia/Ukraine crisis continues to escalate. “The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning of the risk of Russian cyberattacks spilling over onto U.S. networks, which follows previous CISA warnings on the risks posed by Russian cyberattacks for U.S. critical infrastructure,” reported Harvard Business […]