Safeguard Your Organization’s Invaluable Information
One of the unintended consequences of the information age is the availability of Personal Identifiable Information (PII). PII – the combination of name, date of birth, and Social Security Number – is the key to the kingdom for the purposes of establishing false identity and committing a host of different frauds. Lost laptops, network break-ins (breaches), and phishing expeditions have led governmental entities to establish a patchwork of laws requiring custodians of personal information doing business in their locality to provide safeguards and assurance that PII is secure.
Yet, cyber criminals continue to succeed in stealing large numbers of PII records and have branched out into theft of corporate secrets, cyber-sabotage (e.g. Sony Playstation) and other costly offenses. This webinar by our expert speaker Peter Goldmann will highlight current and emerging cyber-threats with latest insights and advice on how to protect the organization.
Why you should attend?
While “low-tech” frauds such as document forgery, theft of cash and duplicate billing schemes continue to plague organizations of all kinds, computers and the Internet have become the weapon of choice of millions of dishonest individuals – both inside and outside of your organization. This means that without the necessary technological expertise your organization is at risk of potentially devastating and costly cybercrimes.
Participants will be able to:
• Plan a risk assessment of your information security exposure
• Justify the resources needed to comply with regulatory requirements
• Identify where to focus in your evaluation of cyber-risk.
• Integrate information security compliance into the entity-wide compliance program
• Build an information security compliance framework with procedures for each business function
• Statistical overview of the cybercrime problem.
• Who commits cybercrime? (insider vs. outsider)
• Why employees commit fraud? (The Fraud Triangle)
• Lessons from information thieves and cybercriminals
• Type of information likeliest to be targeted (Personal Identifiable, trade secrets, etc)
• Greatest risk factors (Inadequate employee training and awareness, over-reliance on technology, etc)
COMMON TYPES OF INFORMATION SECURITY/CYBER FRAUD
• Bank account takeover — conventional vs. cyber
• Internal computer-based theft of proprietary information
• Information security breach (internal and external)
• Mobile banking fraud
• Industrial espionage (case study – Chinese Ford employee)
• Social networking and constant online communication, and the proliferation of communication devices, networks, and users have generated new vulnerabilities that create more cyber crime opportunities.
RED FLAGS OF AP FRAUD
• Specific red flags of the main types of cybercrime. • Implementing an organization-wide system for detecting, preventing and investigating cybercrime
• Nature of cyber fraud is rapidly evolving and changing
• Build an organization risk profile– US Secret Service recommends assessing your systems to identify vulnerabilities
• Hire proper experts to advice on implementation of proper detection software and practices
• Internal technology and process controls
• Management’s urgent role in prevention
• Who should manage anti-fraud activities?
• Internal controls: Dos and Don’ts
• General controls: IT Security, background investigation • Specific controls: Harder passwords, tougher authentication, and isolation of vulnerable cash-handling computers/networks.
This session is appropriate for internal auditors, internal control management, risk managers, privacy officers, security managers and IT staff.
Peter Goldmann is president of White-Collar Crime 101 LLC, the publisher of White-Collar Crime Fighter, a widely read monthly newsletter for internal auditors, controllers, corporate counsel, financial operations managers and fraud investigators. The newsletter is in its 15th year of public...
Disclaimer: The content herein does not represent any association between CFPB and Eli Financial LLC. CFPB neither endorses any product of Eli Financial LLC nor warrants accuracy of the content hereto.