“Cybersecurity awareness and training is everyone’s business”

“Cybersecurity awareness and training is everyone’s business”

Posted on

Chris Moschella, Risk Advisory Services Senior Manager, shared his insights on cybersecurity awareness and training in an article for Inside Business, The Hampton Roads Business Journal.


“W-2 fraud, spear phishing and executive impersonation wire-fraud scams are just a few of the attacks that target people rather than systems.

Although the “technical hack” still occurs (Equifax) security researchers agree most attacks start with individuals being targeted in their email. Many of these attacks cannot be caught by even the most advanced email filters.

So, we’re left in the unfortunate situation where, for certain types of cyberattacks, the end user is the only layer of defense. In many organizations, however, the prevailing view among leaders and employees is that IT security is the sole domain of the technology staff.

This creates a major gap between the reality of the threats and the defenses in place, which sadly leads to successful attacks against organizations every day. The reality truly is that cybersecurity is everyone’s business.

Sometimes referred to as the human firewall, a motivated and cyber-aware workforce is as important as any technological defense to the organization. The good news is, relative to other cybersecurity expenditures, a robust security awareness training program is fairly inexpensive, especially when considering the amount of risk it mitigates. The bad news is it takes executive buy-in and organization-wide cooperation.”


Interested in learning how to protect your business from cybersecurity threats? Contact us. Our Cybersecurity team can help. Our team is focused solely on evaluating business processes, information technology controls, and security. As such, we possess a unique combination of business and IT expertise and communicate effectively with business and IT professionals alike.

About the Author

Chris is a Senior Manager in Keiter’s Risk Advisory Services. Chris has a strong combination of IT skills, which range from IT audit and internal control assessments, including general computer controls and application controls, to full stack web development. Most recently, Chris developed a Cybersecurity web application that assesses an organization’s resistance to social engineering attacks. Chris shares his cybersecurity insights on our blog.

More Insights from Christopher Moschella, CPA, CISA

The information contained within this article is provided for informational purposes only and is current as of the date published. Online readers are advised not to act upon this information without seeking the service of a professional accountant, as this article is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant.


How Can We Help You and Your Business?

Innsbrook Corporate Center
4401 Dominion Boulevard
Glen Allen, Virginia 23060

804.747.0000 or 804.273.6200