Armed with motive and skill, hackers and internal bad actors continue to release more sophisticated exploits taking advantage of opportunities “weaknesses” in our environments. Tomorrow’s auditor needs to know more than just the terms and concepts regarding cybersecurity. They need to understand what controls are needed, where the controls should be positioned and how to perform substantive tests to assess the controls reasonable effectiveness specifically related to cybersecurity.
During this seminar attendees will explore cybersecurity through a series of lecture segments and related scenarios based on actual events designed to reinforce the attendee's knowledge of effective control design, execution, warning signs and investigative techniques.
By the end of the session attendees will be armed with additional knowledge of how to implement and assess controls and how, as auditors, they can be a valued player in their organization's cyber defense team”.
What you will learn
You will learn what controls are needed, where the controls should be positioned and how to perform substantive tests to assess the cybersecurity controls.
1. What is Cybersecurity?
- cybersecurity basics including its connection with information security and data privacy
- ITGC–where it fits
- trends in cybercrime, analysis and technology (preventing, detecting, eradicating and disclosing): Malware, spyware/adware, ransomware, wiper, and account jacking
- overview of frameworks, Standards and guidelines including NIST cybersecurity framework, CIS/SANS, OWASP, cloud alliance and several related NIST 800 Series Guidelines
2. How Hackers Attack:
- physical and logical security
3. Cyber Law and Ethics
4. Cyber Insurance Fundamentals
5. Contract Basics:
- critical contract components
- data considerations: at inception, at rest, in transit, at end of life “data destruction”, and at contract termination
- SSAE18 SOC1 & SOC2+
6. The OSI Model
7. Asset and Configuration Management
8. Application Protections:
- least privilege
- federated security
- single sign-on
- identity management & role-based access
- operating system
- internal network
- perimeter network
- backup and restoral (in-house, cloud)
9. Cybersecurity Prevention 101: What can companies do to reduce the impact of cyber-attack?
- tools to detect and stop hackers
- dormant account monitoring
- DLP, IDS, IPS, LDAP, Exchange
- mobile management
- port, protocol and services monitoring
- vulnerability assessments and penetration testing
1. scans (hardware, software, traffic)
3. social engineeringcorrective controls: incident management, BCP, DR
10. Investigation Techniques:
- rules of evident collection
- introduction to developing queries
11. Other Critical Processes:
- patch management
- threat analysis
- cybersecurity risk assessment
12. Developing a Cyber Awareness Program
13. The Auditors Role in Cyber Defense
14. Scoping and Auditing Cybersecurity