Business-Driven Risk Management and Cybersecurity

Aaron Pritz, Reveal Risk

Businesses and CPA firms today must focus beyond technology risks when it comes to managing cybersecurity risks. It is important to hone in on business risks, impacts, and controls to focus and prioritize their cybersecurity efforts. Gone are the days where security is an IT driven responsibility.

Aaron Pritz will focus on how to inspire your organizations and firms to bring the burden of securing your companies out of the basement of IT and into a more holistic business-oriented effort. He will explore the modern business risk and threat landscape that organizations face and how to make the cyber (one of the top enterprise risks of this century) more manageable.

It's time to stretch and get a coffee refill.

High Tech Crimes Unit: A Partnership between Indiana State University & Vigo County

Dr. Jason James, CFE, CIA, CISA, Sec+, SSCP, Indiana State University

Join Dr. Jason James, CFE, CIA, CISA, Sec+, SSCP, Instructor of Cybersecurity at Indiana State University as he leads a discussion on the new partnership Indiana State University has formed with Vigo county and why it’s a win-win for both students at Indiana State University School of Criminology and Security Studies and Vigo county.

Topics discussed in this session include:

• What is Vigo county and Indiana State University are sharing about cybercrimes
• Types of cyber-attacks/crimes we are seeing
• Real life cases of cybersecurity attack and how they were resolved
• What happens after a cyberattack occurs

It's time to stretch.

Things to Consider when Securing Cyber Insurance

Siddharth “Sid” Bose, Ice Miller, LLP.

This session will cover the basics of cyber insurance, and the common pitfalls in cyber insurance coverages. This session addresses what companies should consider when assessing their cyber insurance policy and overall coverage approach. Participants will learn from review of cyber events and their repercussions, executive level perspectives on insurance, exclusions (e.g. “act of war”), coverage losses, and considerations in procuring/renewing coverage and the potential cyber insurance market of the near future.

Quantifying your Organization’s Information Security Risk Posture

Joanna Grama, JD, CISSP, Vantage Technology Consulting Group
Ben Phillips, CPA, CISA, CITP, Katz Sapper & Miller

This session will cover the background behind what a risk assessment is and the key steps in performing an enterprise Information Security Risk Assessment. Participants will learn common best practices, industry trends, and common pitfalls in developing and evaluating an organization’s Information Security Risk Program. In addition, participants will gain visibility to common trends and risks as it relates to third parties and how vendor risk management can impact an organization’s overall Information Security Risk posture.

It's time to stretch.

Demystifying the Cloud

Aaron Toops, AERIFY.io

Are you hazy on what the cloud actually is? Aaron Toops, Founder and CEO of AERIFY.io will discuss why you should be using cloud technology with your practice or in your organization. Spend some time learning about the cloud in real and clear terms. No nerd talk, ok maybe a little nerd talk. In this session, you will learn how you can leverage the cloud to better protect your firm or organization.

Topics discussed in this session include:

• Introduction to the cloud – the basics
• What are the benefits of being in the cloud?
• What are the risks while in the cloud?
• Security awareness while in the cloud

It's time to stretch.

Financial Fraud Through Cybercrime—Commonly Targeting Accounting

Max Henderson, Pondurance

Federal authorities have arrested hundreds of cybercriminals that are part of an international group conducting cyber financial fraud. This group successfully scams victims that are employees focused around accounting services. Their complex schemes involve email, invoice fraud, e-commerce, payroll, and social engineering. Join Max Henderson, Manager of Incident Response at Pondurance, to dive into a case study on this cybercriminal including:

• Their motivations and target victims
• Their unique scheme to gain access to data
• Recommendations for policy improvement to reduce this group’s success rate