SEC: Consider Cyber-Threats When Implementing Internal Controls
The Securities and Exchange Commission has issued an investigative report urging public companies to consider cyber-threats when implementing internal accounting controls.
Study Identifies Top Ten Cybersecurity Threats
Despite record spending on cybersecurity, a new study finds that IT security breaches remain at epidemic levels. According to a new report conducted by Osterman Research, a whopping 70 percent of the more than 200 medium and large organizations surveyed reported being the victim of at least one successful cyber-attack Read More
What’s Keeping Audit Chiefs Up at Night?
A new survey of the top risks that most concern chief internal auditors finds that cybersecurity and data privacy are among the issues that still cause the most headaches for company officials. The research, conducted by the Chartered Institute of Internal Auditors and based on responses from more than 300 Read More
IIA Issues Guide on Auditing Insider Threat Programs
The Institute of Internal Auditors issued a new guide on insider threat programs that is designed help internal auditors understand insider threats and related risks by providing an overview of common traits of main players, key risks, and potential impacts. The guide also covers security frameworks, techniques, considerations, and resources Read More
Deadline Looms for New York Financial Audit-Trail Law
The deadline is looming for banks and financial institutions that do business in New York to comply with new regulation that requires them to keep an audit trail of financial transactions for at least five years. Provisions of the Cybersecurity Regulation, which was passed in March 2017, will go into Read More
Rogue Tesla Insider Sabotages Code, Exports Sensitive Data
An angry Tesla employee tried to damage the company by inserting bad code into the electric car company’s manufacturing system and illegally exporting data to third parties. The case serves as a reminder to the damage that rogue employees can do and the need for internal controls to prevent such Read More
Study: Most Crisis Response Plans Go Untested
A new study from Deloitte indicates that it might be time to audit the crisis management plan. The study based on responses of 523 senior executives involved in risk, crisis management, and business continuity finds just 17 percent say their organizations have tested their crisis response plans. That’s way to Read More
Boards to Seek More Reporting on Cybersecurity Effectiveness
A new survey finds that corporate boards are expected to ask IT, IT audit, and other functions responsible for securing the company’s data and systems for more information on the effectiveness of cybersecurity programs. The survey, by Deloitte, found that 62.7 percent of C-suite and other executives expect board directors’ Read More
Twitter Internal Audit Identifies Password Security Problem
Due to a bug discovered during an internal audit, social media company Twitter is recommending users change their passwords. An audit found that passwords were being stored in plaintext before an encryption process took place to secure the passwords on internal files. The company has fixed the bug, but is Read More
Think Your Company’s High-Value IP Is Safe from Hackers? Think Again!
New survey results from the Ponemon Institute are likely to send shivers down the spines of IT auditors, cybersecurity professionals, and risk managers. The alarming results say companies are losing the battle to protect digital assets and intellectual property from hackers and online thieves. Here’s the lowlights: A whopping 82 Read More