Many companies recognize the need to transform or expand resources for their internal audit and risk management functions in response to economic challenges and ever-expanding regulatory requirements.
If you are one of these companies, you understand the importance of enhancing business value by implementing a balanced approach to risk-management, regulatory compliance and operational effectiveness.
Our experienced internal audit, risk and compliance services professionals deliver a hands-on, practical approach to internal audit and risk management and compliance functions with a focus on you and your business in the following areas:
Hackers are increasingly targeting companies at an alarming rate. It only takes one click to bring the services of a company to a halt. Most believe that having the best firewalls in place will mitigate this risk, but in reality their most vulnerable firewall is the human firewall. Security training and awareness most be continuous to keep up with ever-evolving threats. Especially since hackers are always one day ahead of the firewalls that protect you.
According to digital security provider Gemalto, despite the increasing number of data breaches and nearly 1.4 billion data records being lost or stolen in 2016, the vast majority of IT professionals still believe perimeter security is effective at keeping unauthorized users out of their networks. However, companies are underinvesting in technology that adequately protects their business, according to the findings of the fourth annual Data Security Confidence Index Survey.
According to a recent public service announcement, the FBI's Internet Crime Complaint Center ("IC3") states the business email compromise (BEC)/email account compromise (EAC) scam continues to grow. BEC is a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The EAC is a component of BEC targeting individuals that execute wire transfer payments. The scam is carried out when a subject compromises legitimate business email accounts through social engineering (ex. phishing) or computer intrusion techniques to make unauthorized transfers of funds.
WannaCrypt is a serious ransomware attack that has caused major interruptions to individuals, businesses and governments around the world. However, what gives this ransomware teeth is that it took advantage of a vulnerability in Microsoft operating systems that has been public knowledge. Anyone who was using an operating system newer than Windows XP, could have simply patched their workstation and their only risk was to click on a link they shouldn't have. The problem is many people and organizations haven't patched their computers or are still running Windows XP.
UHY Advisors convened a roundtable discussion among financial services industry professionals on Thursday, June 16th to explore the implications and causes of recent cyber bank heists. The roundtable, “Lessons Learned from Cyber Bank Heists,” launched UHY’s Financial Services Roundtable series and included compliance, risk management, internal audit, and technology managers from some of the world’s largest banks and financial services firms.