Cybersecurity: A Guide for Accountants (10 hrs)

Course No. 7076
Format: Online pdf (206 pages).
Prerequisites: None
Advance Preparation:None
Level: Overview
CPE Credit: 10 hrs.
Field of Study: Information Technology
Course expiration:  You have one year from date of purchase to complete the course.
Course Revision Date: January 2023

After completing this course, participants should be able to:

Part 1

1. Recognize common cybersecurity misconceptions
2. Identify the five functions of the NIST Cybersecurity Framework
3. Recognize the five stages of the ITIL Framework
4. Identify the main causes for the rise of cyberattacks
5. Recognize common types of cyberattacks
6. Identify different kinds of cyber threat actors
7. Identify ways to protect yourself against cybercrime

Part 2

1. Identify the objectives of IT governance
2. Recognize the role of the board in cybersecurity
3. Identify management activities associated with IT governance
4. Recognize the key principles of the COBIT Framework
5. Identify must-have security policies for every organization

Part 3

1. Identify the essential physical security measures
2. Recognize the essential information security measures
3. Identify cloud computing security measures
4. Recognize mobile device security best practices

Part 4

1. Identify the significant federal regulations of data privacy and protection
2. Recognize the key provisions of state privacy laws
3. Identify the key provisions of the HIPAA
4. Recognize the key requirements of the GLBA

Course Contents

Part I: Adopt A Security Mindset – Cybersecurity is not just about techniques, it is also about a mindset, which is critical to crime prevention efforts. Part I introduces the concepts and understanding of the field of cybersecurity. It discusses some common cybersecurity myths and explains how to address them, and identifies cybersecurity frameworks for managing risk and reducing vulnerabilities. It also describes different types of cyberattacks and threat sources.

Part II: Create A Security-Conscious Culture – Cybersecurity is only important to an organization if the board and management make it so. A successful cybersecurity program requires ongoing governance. Part II explains how to design and implementation of a holistic IT governance. It also provides guidance on how to develop an effective security policy.

Part III: Apply Security Countermeasures – Cybercriminals are constantly evolving their capability to exploit vulnerabilities inherent in the global business ecosystem.  Organizations need an innovative approach; allocating and prioritizing resources to effectively protect critical assets.  Part III discusses various strategies to help an organization advance to a high level of performance in its security ecosystem. It also includes recommended steps that organizations can take to address cloud privacy and security concern. Finally, it identifies key controls designed to protect data on portable devices and the network connected to the devices.

Part IV: Meet Regulatory Compliance – Compliance is challenging for many organizations, especially in heavily regulated industries such as healthcare and financial services. Understanding significant implications in the disclosure and governance of personal information reduces the risks of non-compliance, which may result in civil and criminal penalties, loss of public trust and reputation, and unnecessary down time. Part IV highlights key federal laws that concern cybersecurity and privacy and discusses examples of states that have enacted comprehensive consumer data privacy laws. It also describes some legal challenges in the cross-border data flow. It also reviews the major laws for regulating the healthcare and financial services industries.