Jun 7, 2018 9:30:00 AM

Building the Audit of the Future: The Roles of Robots and Humans

When most people think about the audit of the future they think about robots. Now, I don’t know about you but when I think about robots and the future I think about people wearing white jumpsuits driving flying cars. In my mind, I see a mix of something like the Jetsons meets Tomorrow Land in Walt Disney World. Unfortunately, while all of this is very exciting, it’s not exactly what the audit of the future is going to look like. Instead, the audit of the future is going to look technical at first (so, there will be some robots), and then it will take a fast 180° and feel a lot more fluid than technical. Today, I want to talk about the first half of the audit of the future, the technical piece, and then next week dive into the less concrete, client relationship piece.

Topics: cybersecurity, Cyber Assurance Insights, Audit of the Future

Feb 27, 2018 1:04:33 PM

Providing Peace of Mind Around Your Law Firm's Data Security

Have you ever wondered why Amazon Web Services (AWS) is so focused on security? When you visit their compliance page, they have nearly every privacy and security badge available, noted with the global standards highlighted below:

Topics: cybersecurity, SOC 1 Audit, securing your data, SOC for Cybersecurity, Cyber Assurance Insights, Cyber SOC, Compliance

May 11, 2017 10:00:00 AM

Breaking Bank: Episode 1

I don’t know about you, but I’ve read a lot of content-filled, factually intense cybersecurity articles over the past few months. I’ve read so many that I begin hearing similar concepts without actually understanding how it impacts my clients specifically. For this reason, today I don’t want to spout off a bunch of information (as accurate as it may be) and tell you to go make sense of it, I would instead like to tell you a story. So sit back, relax, and enjoy the movie (cue Disney Castle scene)…

Topics: cybersecurity, Cyber Assurance Insights

Nov 22, 2016 10:00:00 AM

FFIEC Cybersecurity Assessment Tool Frequently Asked Questions

This past month the FFIEC issued a statement to provide clarification on several questions the FFIEC recieved for the Cybersecurity Assessment Tool (CAT). Since the release of the CAT and with the statement issued last month, I have recieved numerous questions from clients that I wanted to share with you to provide you insight on its value and use to your management team. So, here are our FAQs:

Topics: cybersecurity, cybersecurity assessment tool

Nov 1, 2016 10:00:00 AM

GAO Audit: Can We Learn From Their Mistakes

The old saying “if it ain't broke, don’t fix it” immediately came to mind as I began to look at the audit report from the Government Accountability Office regarding Federal Agency Security. The reason this quote came to mind is that in information security, there are some serious breaks in need of very intentional fixing. It is evident from the amount of information security incidents that have occurred over the past several years that there is much in disrepair. In fact, since 2006, the number of incidents that we know about has risen from 5,503 to 67,168 according to the recent GAO Federal Information Security report. If this isn’t cause for concern I’m not sure what is.

Topics: cybersecurity

Jun 28, 2016 10:30:00 AM

4 Tips for Password Management

With the recent high-profile social media account hacks, it has become apparent that password management is a challenge for users that has not been adequately addressed. After all, if the founder of the most popular social network’s accounts can be hacked, we (as a society) have somehow missed the boat on proper password management. Not only is password management a problem for celebrities, but password hacks are becoming a problem for many enterprise organizations such as Citrix (and countless others).

Topics: cybersecurity, Password management

Jun 15, 2016 10:30:00 AM

Key Takeaways From the FFIEC Joint Statement on Cybersecurity

This past week the FFIEC issued a statement advising financial institutions to actively manage the risks associated with interbank messaging and wholesale payment networks. The FFIEC warned financial institutions to assess their risk and to determine the presence of risk management practices and controls. The FFIEC urged institutions to request specific security control recommendations from their payment system provider.

Topics: cybersecurity