Author : | Jae K. Shim, Ph.D., CPA |
Course Length : | Pages: 131; Word Count: 57,225; Review Questions: 42; Final Exam Questions: 48 |
CPE Credits : | 9.5 |
IRS Credits : | 0 |
Price : | $85.45 |
Passing Score : | 70% |
Course Type: | NASBA QAS - Text - NASBA Registry |
Technical Designation: | NonTechnical |
Primary Subject-Field Of Study: | Computer Software & Applications - Computer Software & Applications for Course Id 2177 |
Description : | The ease of access to and rapid flow of information make cybercrime different from real-world crimes. For example, the transformation of crime brought about by computers and networked technologies has shifted targets from more tangible to less tangible forms of wealth: from things to ideas expressed in informational sources. Cybersecurity is a complex and ever-changing phenomenon. This online cybersecurity course for accountants is designed to help you navigate the complexities of this field. It is divided into four parts:
Part I: Adopt A Security Mindset - Cybersecurity is not just about techniques; it is also about a mindset, which is critical to crime prevention efforts. Part I introduces the concepts and understanding of the field of cybersecurity. It discusses some common cybersecurity myths and explains how to address them, and identifies cybersecurity frameworks for managing risk and reducing vulnerabilities. It also describes different types of cyberattacks and threat sources.
Part II: Create A Security-Conscious Culture - Cybersecurity is only important to an organization if the board and management make it so. A successful cybersecurity program requires ongoing governance. Part II explains how to design and implement holistic IT governance. It also provides guidance on how to develop an effective security policy.
Part III: Apply Security Countermeasures - Cybercriminals are constantly evolving their capability to exploit vulnerabilities inherent in the global business ecosystem. Organizations need an innovative approach: allocating and prioritizing resources to effectively protect critical assets. Part III discusses various strategies to help an organization advance to a high level of performance in its security ecosystem. It also includes recommended steps that organizations can take to address cloud privacy and security concerns. Finally, it identifies key controls designed to protect data on portable devices and the network connected to the devices.
Part IV: Meet Regulatory Compliance - Compliance is challenging for many organizations, especially in heavily regulated industries such as healthcare and financial services. Understanding significant implications in the disclosure and governance of personal information reduces the risks of non-compliance, which may result in civil and criminal penalties, loss of public trust and reputation, and unnecessary downtime. Part IV highlights key federal laws that concern cybersecurity and privacy and discusses examples of states that have enacted comprehensive consumer data privacy laws. It also describes some legal challenges in cross-border data flow and reviews the major laws for regulating the healthcare and financial services industries. |
Usage Rank : | 77333 |
Release : | 2023 |
Version : | 1.0 |
Prerequisites : | None. |
Experience Level : | Overview |
Additional Contents : | Complete, no additional material needed. |
Additional Links : | Cybersecurity: Meaning, Types of Cyber Attacks, Common Targets |
Advance Preparation : | None. |
Delivery Method : | QAS Self Study |
Intended Participants : | Anyone needing Continuing Professional Education (CPE). |
Revision Date : | 08-Aug-2023 |
NASBA Course Declaration : | Participants must complete the final examination within one year of purchase and with a minimum passing grade of 70% or better to receive CPE credit unless otherwise noted on the Course History page (i.e. California Ethics must score 90% or better). After logging in, click on the Course History links on your My Courses page for the Begin date and Expire date for the Final Exam. |
Approved Audience : | NASBA QAS - Text - NASBA Registry - 2177 |
Keywords : | Computer Software & Applications, Cybersecurity, Guide, Accountants, cpe, cpa, online course |
Learning Objectives : |
Part I
2. Identify the five functions of the NIST Cybersecurity Framework
3. Recognize the five stages of the ITIL Framework
4. Identify the main causes for the rise of cyberattacks
5. Recognize common types of cyberattacks
6. Identify different kinds of cyber threat actors
7. Identify ways to protect yourself against cybercrime
Part II
2. Recognize the role of the board in cybersecurity
3. Identify management activities associated with IT governance
4. Recognize the key principles of the COBIT Framework
5. Identify must-have security policies for every organization
Part III
2. Recognize the essential information security measures
3. Identify cloud computing security measures
4. Recognize mobile device security best practices
Part IV
2. Recognize the key provisions of state privacy laws
3. Identify the key provisions of the HIPAA
4. Recognize the key requirements of the GLBA |
Course Contents : |
Part I: Adopt A Security Mindset
Learning Objectives
Chapter 1: The Evolution of Cybersecurity - Importance of Cybersecurity; Definition and Objectives; Technology Dependency; Consequences of a Data Breach; Common Misconceptions; Misconception 1: Cybercriminals only target larger companies (or my data is not valuable); Misconception 2: Cybersecurity is just an IT matter (or Cybersecurity is a technology issue); Misconception 3: Cybersecurity is more important than physical and environmental security; Misconception 4: Cyberattacks always come from external actors (or we only need to worry about hackers); Misconception 5: Security software will protect my business (or antivirus software is good enough); Misconception 6: Compliance with standards and regulations is sufficient for a security strategy; Cybersecurity Best Practices; NIST Cybersecurity Framework; ITIL Framework; Chapter 1 Review Questions
Chapter 2: Cybersecurity Threats and Attacks - Significant Threat Events; Cybercrime Escalation; Routine Activities Theory; Internet Anonymity; Use of Automation; Mobile Security Threats; IoT Devices Vulnerabilities; Common Types of Threats; Physical Breaches; Exploitation of Emotions; Malware Infection; Hacking; Denial-of-Service; Password Cracking; Threat Sources; Types of Threats; External Actors; Insider Threats; Case Study: Sophisticated Cyber Gang; Observations; Lessons Learned; Chapter 2 Review Questions
Part II: Create A Security-Conscious Culture
Learning Objectives
Chapter 3: Governance Process - Good Governance; Leadership Matters; Essential Role of Boards; Key Governance Roles; Common Frameworks; COBIT 2019 Framework; ISO/IEC 38500:2015; Chapter 3 Review Questions
Chapter 4: Policy Implementation - Importance of Security Policy; Common Security Policies; Design of An Effective Policy; General Rules; Key Elements; Chapter 4 Review Questions
Part III: Apply Security Countermeasures
Learning Objectives
Chapter 5: Physical and Environmental Protection - Physical Security; Physical Barriers; Access Control; Visual Surveillance; Environmental Factors; Chapter 5 Review Questions
Chapter 6: Information Security - The CIA Triad; Logical Access Controls; Account Administration; Authentication; Security Technologies; Intrusion Detection and Prevention Systems; Firewall; Encryption; Cloud Computing; Data Governance; Security and Reliability; Mobile Device Security; Chapter 6 Review Questions
Part IV: Meet Regulatory Compliance
Learning Objectives
Chapter 7: Regulatory Environment - Federal Regulations; Case Study; State Privacy Laws; California; Colorado; Virginia; Cross-Border Data Flow; Data Localization Laws; European Law: GDPR; EU-US Data Transfer; Chapter 7 Review Questions
Chapter 8: Compliance for Healthcare Industry - HIPAA Overview; What is Protected by HIPAA; Who Must Comply with HIPAA; Who Is Not Required to Follow HIPAA; What is Security Rule; What is the Difference between “Required” and “Addressable” Security Measures; What Are Common HIPAA Violations; Risk Analysis and Risk Management; Physical Safeguards; Facility Access Control; Workstation and Device Security; Technical Safeguards; Access Control; Audit Controls; Integrity; Person or Entity Authentication; Transmission Security; Chapter 8 Review Questions
Chapter 9: Compliance for Financial Institutions - GLBA Overview; What are the Compliance Requirements; Who Must Comply with GLBA; What is Protected by GLBA; What is Not Covered by GLBA; What are the Penalties for GLBA Non-Compliance; Information Security Program; Chapter 9 Review Questions
Appendix A: A Checklist for a Comprehensive Security Plan
Appendix B: IT Governance Do’s and Don’ts
Appendix C: Board Checklist for Cybersecurity Leadership
Appendix D: Selecting a Biometric System
Appendix E: Psychological Factors
Glossary |