News & Events

 Search

Articles for category Internal Audit, Risk & Compliance

Hackers are increasingly targeting companies at an alarming rate. It only takes one click to bring the services of a company to a halt. Most believe that having the best firewalls in place will mitigate this risk, but in reality their most vulnerable firewall is the human firewall. Security training and awareness most be continuous to keep up with ever-evolving threats. Especially since hackers are always one day ahead of the firewalls that protect you.

Read More

According to digital security provider Gemalto, despite the increasing number of data breaches and nearly 1.4 billion data records being lost or stolen in 2016, the vast majority of IT professionals still believe perimeter security is effective at keeping unauthorized users out of their networks. However, companies are underinvesting in technology that adequately protects their business, according to the findings of the fourth annual Data Security Confidence Index Survey.

Read More

According to a recent public service announcement, the FBI's Internet Crime Complaint Center ("IC3") states the business email compromise (BEC)/email account compromise (EAC) scam continues to grow. BEC is a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The EAC is a component of BEC targeting individuals that execute wire transfer payments. The scam is carried out when a subject compromises legitimate business email accounts through social engineering (ex. phishing) or computer intrusion techniques to make unauthorized transfers of funds.

Read More

WannaCrypt is a serious ransomware attack that has caused major interruptions to individuals, businesses and governments around the world. However, what gives this ransomware teeth is that it took advantage of a vulnerability in Microsoft operating systems that has been public knowledge. Anyone who was using an operating system newer than Windows XP, could have simply patched their workstation and their only risk was to click on a link they shouldn't have. The problem is many people and organizations haven't patched their computers or are still running Windows XP.

Read More

UHY Advisors convened a roundtable discussion among financial services industry professionals on Thursday, June 16th to explore the implications and causes of recent cyber bank heists. The roundtable, “Lessons Learned from Cyber Bank Heists,” launched UHY’s Financial Services Roundtable series and included compliance, risk management, internal audit, and technology managers from some of the world’s largest banks and financial services firms.

Read More

Earlier in the year we reported an increase in email phishing and spoofing scams this tax season. Recently, the Milwaukee Bucks made headlines when an employee leaked player financial information.

Read More

As consumers and businesses have begun receiving new credit and debit cards with shiny embedded microchips (known as EMV technology), many are unaware of the liability shift that occurred in 2015. As of October 2015, merchants that are not certified to accept EMV card transactions may be responsible for certain fraudulent charges, a change from standards that previously existed where the liability rested solely with the card issuer. Estimates indicate 94 percent of magnetic-only credit cards will be replaced by the end of 2016. As a result, businesses that accept credit cards face a dramatically different landscape compared to just a few short months ago.

Read More

IT security is a growing threat for businesses of every type and no organization is safe. While information security risks have been around for a long time (several Civil War battles were decided by details obtained by the enemy), today they bring with them challenging complexities and costly ramifications for businesses.

Read More

Due to the recent flooding in southeast Michigan, many businesses and individuals may be facing the loss or destruction of tax records. In the event of an IRS examination, the burden is on the taxpayer to prove any deductions claimed

Read More

On February 12, 2014 by decree of Executive Order the National Institute of Standards and Technology issued the "Framework for Improving Critical Infrastructure Cybersecurity".

Read More

1 2