100 Victoria StreetBristol BS1 6HZUnited Kingdom
a Sift Media publication
Steve Gold,IT expert on the Business IT Guide
What are the most important IT
skills that accountants need to have?
What are the most important IT
skills that accountants need to have?
Steve Gold, Business/IT Security Journalist
AccountingWEB event July 15, 2008
Agenda
Steve Gold - who on earth is this guy? IT skills needed by modern accountants Fraud and security threats – what’s
happening? How to protect you and your systems Lessons learned Further information
Audit security is a state of mind
IT threats are becoming hybridised and multi-vectored
Hackers are out to extract revenue from your organisation
So what are the main threats? Phishing Trojan horses Electronic eavesdropping Man-in-the-middle attacks
Fraud will always take the path of least resistance
Finjan IT threats report – July 15, 2008
The cybercrime world is continually evolving
Welcome to the world of crimeware
Similar to the legitimate business world, organisations are structured to supply their customers with a product or service while generating revenue.
With the transition from “hack for fame” to “cybercrime for profit”, the industry is seeing see the rise of well-structured and highly effective cybercrime organisations.
Business Challenges
How do you protect your systems from these threats?
Multiple layers of security
Out-sourced or in-house security?
Where does the audit function sit in this brave new world?
Is it necessary to program to be an effective auditor?
Good applications software is the key
Business Challenges
Virtual servers pose a major threat to your audit function
Virtual servers are cost-effective
Virtual servers improve IT and business efficiency
Conventional IT audit techniques do not apply to virtual servers
Behavioural analysis may be the key to virtual server security
Conventional techniques are still viable
Pattern analysis (digital signatures) may be the key
Conventional IT security software use digital signature searching
Every IT transaction has its own digital signature
Pattern searching/analysis is the key to effective security
Pattern analysis may well be the key to future audit software
Conclusions
IT security and fraud threats are constantly evolving
IT security and the audit function are inextricably linked
Good security and auditing software is the key to fraud control
“It isn’t rocket science”
Sources of further information
Online resources are the key
www.ITProPortal.com - one of the very first technology Web sites to launch in the UK back in 1999 and now one of the UK’s leading business and technology resources.
http://wm.businessitguide.com - provides you with all the information you need to make IT decisions that are right for your business. We can help you identify those issues which affect your business and recommend a clearly defined course of action.
www.infosecurity-magazine.com – Security and anti-fraud systems news, reviews and observations for today’s accountants and auditors (and not just for techies).
