Current Tech Crimes–Ripped From the Headlines

Randy Johnston, K2 Enterprises

Security is a top concern for CPAs every year. Yet many hacks result from organizations not implementing effective internal controls over information technology. In this session, you will learn about critical IT-related controls using a case study approach with stories which are all new for 2020. More specifically, you will learn from real-world examples of breaches and security failures. Accordingly, you will understand better how to protect your company and its data. Attend this fast-paced session and learn more about IT-related controls you can use to prevent computer crimes such as identity and information theft, tax refund fraud, and more.

It's time to stretch and get a coffee refill.

1. Building a Solid Information Security Framework

   Ron Bush, Ron Bush Consulting, Inc.

   Attendees will learn the risks every CPA faces in today’s business environment and how to protect themselves through a logical structure that incorporates internal and external sources. General best practices and specific system design is needed in every business but even more so for the CPA that serves a variety of industries and markets. Are your clients in healthcare, financial services, manufacturing, law, retail or services, such as real estate, insurance or not for profits? Not only are they targets for cybercriminals but so is your practice because you hold some of the most important data for the hacker.
   
   

2. A CPA’s Guide to Where Cybersecurity and the Financial Statement Audit Intersect

   Sean Katzenberger, CISA, Crowe, LLP

   Cybersecurity is a real threat for all organizations. It is not something we can ignore and hope it does not impact us or our organizations. As a CPA it is important to not only understand cybersecurity risk and controls, but how it could impact your financial statement audit. During this course we will discuss:

   • Cybersecurity concepts, common attack methods, and trends statistics
   • Relevant cybersecurity guidance and industry frameworks for our clients based on their size, maturity and industry
   • Cybersecurity risk management programs, including testing, insurance, incident response, SOC reports, and Board reporting
   • How cybersecurity is impacting financial statement audits.

It's time to stretch and get a coffee refill.

1. Designing Secure IT Systems, CLOUD

   Bryon Palitto, Palitto Consulting Services

   Network security is a fundamental element of SMB risk management. In this session, attendees will learn about critical security technologies for small and medium business network hardening. How do you design an effective strategy for keeping at the front edge of security tools and methods? What is a unified threat management (UTM) system and how do you deploy it? What are the benefits and options of UTMs? We will also address password management, multi-factor authentication and single-sign-on strategies. Attendees will leave with tangible and helpful actionable items. There will also be the opportunity to ask questions at the end of this session.
   
   

2. Phishing – Trapping a Phish in YOUR Net Rather Than it Trapping YOU

   Chris Werling, Cornerstone Management Advisors

   Phishing is now among the most common ways of hacking and gaining financial rewards in the hacker community. How can you keep from becoming yet another victim? We will talk about how to spot a phish, how to tell where an email REALLY comes from, and how to respond to a seemingly valid email.



Think Like a Hacker, Defend Like a Pro: Tips to Protect Your Company and Yourself from Cybercrime

Prashanth Challa, Morgan Stanley Wealth Management

According to a 2020 report by Verizon, 86% of data breaches were financially motivated. Now more than ever, it’s important to take stock of your personal and professional cybersecurity practices. In this session, Morgan Stanley cybersecurity expert Prashanth Challa will brief attendees on the cyber and fraud threat landscapes and detail practical steps to protect your company and clients. Prashanth began his career at the National Security Agency (NSA), where he conducted and led a team performing computer network operations, developed exploits and implants, and researched vulnerabilities through reverse engineering.

It's time to stretch.



1. Privacy – What Are You Knowingly Sharing Online and How to Stop Doing It

   Chris Werling, Cornerstone Management Advisors

   What are you knowingly… and unknowingly… sharing online? What private information is being unknowingly shared about you and your clients online? We will discuss this along with how you can see what is being shared about you and how you can purge some of that information from being shared with others.
   
   

2. Layered Security for CPAs Working with Enterprise Organizations: How the Larger Corporations are Different from SMBs

   Ron Bush, Ron Bush Consulting, Inc.

   Common threads run through all organizations regarding their information security needs, but just as each industry has specific compliance and cybersecurity requirements, so do businesses of differing sizes. You would not give the same advice to a sole practicing attorney and a Fortune 100 company. You also cannot look at your own information security regarding different sized clients. The difference isn’t always in the number of employees or their annual revenue. Attendees will learn what the differences are and how to prepare your company to provide the appropriate level of security to and for their clients.

It's time to stretch.

Digital Security Post-COVID: What Keeps You Up at Night?

Cory Campbell, CPA, PhD, Indiana State University

As businesses redefine the norms and policies required to conform to whatever the new normal looks like in a post-COVID world, the CPA profession needs to embrace the technological changes from disruptive technology and the associated risks posed by new cybersecurity threats. The challenge of cybersecurity is to keep pace with the dynamically evolving cybercrime—which is confounded by a greater protections for consumer data being adopted to the legal and regulatory environment. What are the implications of this for business and commerce and what does this mean for the accounting profession?