Information Security and Cybercrime Prevention Essentials

This IT security training will summarize current and emerging cyber-threats and provide latest insights and advice from experts on how to protect the organization.

Why Should You Attend:

While “low-tech” frauds such as document forgery, theft of cash and duplicate billing schemes continue to plague organizations of all kinds, computers and the internet have become the weapon of choice of millions of dishonest individuals - both inside and outside an organization. Hence, without the necessary technological expertise an organization is at risk of potentially devastating and costly cybercrimes.

This information security training will focus on educating attendees about common types of cyber-crimes, the biggest information security breaches in recent history, who commits fraud and why, and how to build an information security compliance framework with procedures for each business function. It will also cover the lessons from information thieves and cybercriminals, and the common types of information likeliest to be targeted.

Attendees will get a comprehensive knowledge on how to detect and prevent information security breaches at their organizational level and the tools for effective implementation of Anti-Cybercrime controls.

Learning Objectives:

• Participants will be able to
• Plan a risk assessment of your information security exposure
• Justify the resources needed to comply with regulatory requirements
• Identify where to focus in your evaluation of cyber-risk
• Integrate information security compliance your organization-wide compliance program
• Build an information security compliance framework with procedures for each business function

Areas Covered in the Webinar:

• Introduction
• Statistical overview of the cyber-crime problem.
• Summary of biggest information breaches in recent history
• Who commits cybercrime (insider vs. outsider)
• Why employees commit cyber-fraud (The Fraud Triangle)
• Lessons from information thieves and cybercriminals
• Type of information likeliest to be targeted (personal identifiable, trade secrets, etc.)
• Greatest risk factors (inadequate employee training and awareness, over-reliance on technology, etc.)

Common types of information security/cyber fraud today

• Bank account takeover - conventional vs. cyber
• Internal computer-based theft of proprietary information
• Information security breach (internal AND external)
• Phishing
• Spear-phishing
• Smishing
• Scareware
• Mobile banking fraud
• Industrial espionage
• Social networking and constant online communication - and the proliferation of communication devices, networks, and users - have generated new vulnerabilities that create more cybercrime opportunities.

Red flags of AP fraud

• Fraud detection
• Nature of cyber fraud is rapidly evolving and changing
• Build an Organization Risk Profile- US Secret Service recommends assessing your systems to identify vulnerabilities
• Hire proper experts to advise on implementation of proper detection software and practices

Anti-cybercrime controls

• Internal technology and process controls
• Management’s urgent role in prevention
• Who should manage anti-fraud activities
• Internal controls: do’s and don’ts
• General controls: IT security, background investigation
• Specific controls: Harder passwords, tougher authentication, isolation of vulnerable cash-handling computers/networks.

Who Will Benefit:

• Internal auditors
• Internal control management
• Risk managers
• Privacy officers
• Security managers
• IT staff
• Information security staff
• Compliance managers