To provide you with practical tips for your practice and “must-do items” to put into place when you return to work
Learn about the steps involved in a social engineering attack, the different types of social engineering attacks, and why they are so successful and prevalent. Also review the methodologies and techniques in detecting them, and the effectiveness of various approaches.
Take a deep dive into Ernst & Young’s cybersecurity framework focusing on forensic discovery and incident response. Uncover the scalable aspects of the framework relating a plan built for a fortune 500 company that can work for a company of any size.
In the large scheme of things how does a small firm potentially impact a larger organization? Why should a small firm participate in a third party audit if the revenue does not justify responding or complying? Many regulatory compliance frameworks are focusing on third party risk and this impact can be felt in third party assessment questionnaires. The speakers will share experiences as well as methods to work with your clients both externally and internally, to develop an understanding to drive partnership with assessing entities and generating compliance with internal departments. Participants will gain:
- Insight into how to respond to third party assessments
- An understanding of how it will benefit your organization as a competitive advantage
Security is important, we can all agree. But where do you begin if you don’t have a driving factor like regulatory compliance to dictate? Luckily there are several frameworks to help you develop a security program with a focus on priorities and how to build a long-term and short-term roadmap. Participants will:
- Determine where to begin and how to find a framework that works for you, even if you have regulatory compliance
- Gain an understanding of how to develop your own roadmap for security
Security starts with a plan and direction usually in the form of policies, standards, processes and guidelines. The goal of this session is to put together a method for building, or if you already have policies and standards, how to develop a comprehensive program that supports your current and future security requirements. Participants will develop:
- An understanding of the differences between policies, standards, STIGs, processes and guidelines
- A hierarchy of what is required for policies and standards
- Simple ways to develop your own policies or leverage other policies already published
The Virginia Society of CPAs (VSCPA) is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: NASBARegistry.org.