2024 Risk Advisory Update – Keiter Knowledge Sharing

By Keiter CPAs


Understanding cybersecurity threats and mitigation strategies

In today’s digital age, cybersecurity has become a critical concern for businesses of all sizes. During Keiter’s 2024 CPE seminar, Scott McAuliffe, Risk Advisory Services Partner, and Chris Moschella, Risk Advisory Services Senior Manager, discussed several key aspects of cybersecurity, focusing on common attack vectors, trends, and effective mitigation strategies.

Trends regarding cyber attacks

Multiple trends and insights were shared from the IBM Security 2023 Cost of Data Breach Report to showcase various attack vectors used by cybercriminals.

Phishing, Business Email Compromise (BEC), and Social Engineering remain some of the most common cyber threats, with 54% of attacks originating from end-user vulnerabilities.

Ransomware is still a significant concern, especially as attackers increasingly target email systems and exploit weak authentication protocols. Nearly 1 in 4 cyberattacks result in ransomware incidents.

Detailed scam scenarios

The seminar provided detailed scenarios of common scams, including vendor record scams, wire fraud scams, and data theft. These scenarios illustrated how attackers exploit vulnerabilities within organizations to steal money and sensitive information.

Vendor record scam: This scam involved a hacker gaining access to an employee’s email account and sending fraudulent payment instructions to update vendor records. The hacker then received the payments intended for the legitimate vendor.

Wire fraud scam: In this scenario, a hacker impersonates a company executive and sends urgent wire transfer requests to the finance department. The urgency and authority of the request often lead to the transfer being completed without proper verification.

Data theft: This scam involved a hacker posing as an internal auditor and requesting sensitive payroll information. The hacker then used this sensitive employee information for malicious purposes.

Mitigation strategies

To combat these threats, the seminar highlighted several key mitigation strategies:

  1. Security awareness training: Regular training sessions for employees to recognize and respond to phishing attempts and other cyber threats.
  2. Multifactor authentication: Implementing multifactor authentication to add an extra layer of security for accessing user accounts.
  3. Internal controls: Establishing robust internal controls, such as strong password controls, user access reviews, and conducting regular audits.
  4. Advanced technical solutions: Utilizing advanced technical solutions like endpoint protection, sophisticated firewalls, and network monitoring to detect and prevent cyberattacks.

The importance of cyber insurance

The seminar also discussed the role of cyber insurance in mitigating the financial impact of cyberattacks. Having a comprehensive incident response plan and involving legal and insurance professionals quickly can help organizations recover more effectively from a cyber incident.

Conclusion

The 2024 Fall Risk Advisory Services CPE session provided valuable insights into the evolving landscape of cybersecurity threats and the strategies businesses can employ to protect themselves. By staying informed about the latest trends, providing security training, and implementing robust security measures, organizations can better safeguard their assets and maintain the trust of their customers.


About the Author


Keiter CPAs


Keiter CPAs is a certified public accounting firm serving the audit, tax, accounting and consulting needs of businesses and their owners located in Richmond and across Virginia. We focus on serving emerging growth businesses and companies in the financial services, construction, real estate, manufacturing, retail & distribution industries and nonprofits. We also provide business valuations and forensic accounting services, family office services, and inbound international services.


The information contained within this article is provided for informational purposes only and is current as of the date published. Online readers are advised not to act upon this information without seeking the service of a professional accountant, as this article is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant.
