Information Security and Cybercrime Prevention Essentials

Why Should You Attend:

While “low-tech” frauds such as document forgery, theft of cash and duplicate billing schemes continue to plague organizations of all kinds, computers and the internet have become the weapon of choice of millions of dishonest individuals – both inside and outside an organization. Hence, without the necessary technological expertise an organization is at risk of potentially devastating and costly cybercrimes.

This information security training will focus on educating attendees about common types of cyber-crimes, the biggest information security breaches in recent history, who commits fraud and why, and how to build an information security compliance framework with procedures for each business function. It will also cover the lessons from information thieves and cybercriminals, and the common types of information likeliest to be targeted.

Attendees will get a comprehensive knowledge on how to detect and prevent information security breaches at their organizational level and the tools for effective implementation of Anti-Cybercrime controls.

Learning Objectives:

Participants will be able to

• Plan a risk assessment of your information security exposure
• Justify the resources needed to comply with regulatory requirements
• Identify where to focus in your evaluation of cyber-risk
• Integrate information security compliance your organization-wide compliance program
• Build an information security compliance framework with procedures for each business function

Areas Covered in the Webinar:

• Introduction
• Statistical overview of the cyber-crime problem.
• Summary of biggest information breaches in recent history
• Who commits cybercrime (insider vs. outsider)
• Why employees commit cyber-fraud (The Fraud Triangle)
• Lessons from information thieves and cybercriminals
• Type of information likeliest to be targeted (personal identifiable, trade secrets, etc.)
• Greatest risk factors (inadequate employee training and awareness, over-reliance on technology, etc.)
• Common types of information security/cyber fraud today
• Bank account takeover—conventional vs. cyber
• Internal computer-based theft of proprietary information
• Information security breach (internal AND external)
• Phishing
• Spear-phishing
• Smishing
• Scareware
• Mobile banking fraud
• Industrial espionage
• Social networking and constant online communication— and the proliferation of communication devices, networks, and users—have generated new vulnerabilities that create more cybercrime opportunities.
• Red flags of AP fraud
• Fraud detection
• Nature of cyber fraud is rapidly evolving and changing
• Build an Organization Risk Profile– US Secret Service recommends assessing your systems to identify vulnerabilities
• Hire proper experts to advise on implementation of proper detection software and practices
• Anti-cybercrime controls
• Internal technology and process controls
• Management’s urgent role in prevention
• Who should manage anti-fraud activities
• Internal controls: do’s and don’ts
• General controls: IT security, background investigation
• Specific controls: Harder passwords, tougher authentication, isolation of vulnerable cash-handling computers/networks.

Who will Benefit:

• Internal auditors
• Internal control management
• Risk managers
• Privacy officers
• Security managers
• IT staff
• Information security staff
• Compliance managers

Instructor Profile:

Peter Goldmann, has 25 years of experience as a business journalist and trainer, having launched, edited and published numerous business trade periodicals covering small business, international trade, management strategy, banking and personal finance. Mr. Goldmann is a Certified Fraud Examiner (CFE) and a member of the Editorial Advisory Committee of the Association of Certified Fraud Examiners (ACFE) as well as an active member of the Institute of Internal Auditors, the High-Tech Crime Investigation Association and the IOFM Controller Certification Advisory Board. He is a regular columnist for the ACFE’s newsletter, The Fraud Examiner and is a frequent contributor to other leading industry publications on anti-fraud topics.

He is president of White-Collar Crime 101 LLC, the publisher of White-Collar Crime Fighter, a widely read monthly newsletter for internal auditors, controllers, corporate counsel, financial operations managers and fraud investigators. He is the author of Fraud in the Markets: Why it Happens and How to Fight It, published by John Wiley & Sons, as well as four other anti-fraud books.

Topic Background:

Sony, Google, Wells Fargo Bank, AOL, the US Defense Department are only a small fraction of the thousands of organizations worldwide whose sensitive secrets have been stolen or exposed by cyber-criminals.Not to mention the countless number of retail merchants whose customer credit and debit card data has been stolen in order to manufacturer counterfeit cards, initiate fraudulent online purchase or perpetuate the vast and dangerous underground economy in stolen personal information.

These and other cyber-attacks have led governmental entities to establish a patchwork of laws requiring custodians of personal information doing business in their locality to provide safeguards and assurance that PII is secure. Yet, cybercriminals continue to flourish – forcing organizations like yours to scramble to enhance security measures that will—hopefully—protect against these costly assaults.

Follow us :