2021's Biggest Security and Privacy Concerns (Completed)
Date: Thursday, September 16, 2021
Instructor: Stephen M. Yoss
||12:00pm Pacific Time
1:00pm Mountain Time
2:00pm Central Time
3:00pm Eastern Time
||2 hours for CPAs
Technology is a business-critical business capability in today’s day and age. Any interruption to an organization’s ability to use its information system poses a significant risk to the viability of the organization. Data breaches, cyber-attacks, and ransomware are examples of some of the biggest existential risks facing businesses today. There are threat actors all around the world that entirely focus on stealing organizational data, stealing economic resources, and disrupting the flow of business. They are using complex social engineering attacks, pervasive phishing messages, intricate malware, and other highly effective techniques. From recently released data breach reports, there were 100k data breaches publicly reported in 2020 alone. Resulting in the personal information of millions of people worldwide being released, billions of dollars of organizational assets, and putting countless people in harm’s way.
This course will go over recent major security breaches including breaches at Solarwinds, Ubiquity, Colonial Pipeline, Tecnimont SpA, Citrix, LabCorp, and others. It will discuss how these breaches occurred, why the breaches happened, and how organizations can prevent it from happening to them. Each case study will discuss a different form of security vulnerability and how to prevent it. The topics will include social engineering, auditing processes for IT Security systems, forensic accounting, password, two-factor authentication, and improvements for managerial oversight. Participants will gain real-world knowledge from the mistakes of other organizations and from that experience develop their own security best practices for their organizations.
- Recent major security breaches
- How these breaches occurred, why the breaches happened, and how organizations can prevent it from happening to them
- Case studies will discuss a different form of security vulnerability and how to prevent it
- Recognize social engineering and how to prevent becoming a victim
- Identify the auditing process for IT and forensic accounting
- Describe how to select password management procedures and best practices (including multifactor authentication) for an organization
- Identify advanced security best practices including securing an organization's domain name server (DNS), firewall recommendations, and best practices for securing Windows 10.
- Recognize how to prepare a plan to help reduce the organizational risk for major security attacks for attacks like ransomware, distributed denial of service (DDoS), spear-phishing, and more
NASBA Field of Study
Information Technology (2 hours)