Transcript of: HOW CYBER CRIME COSTS YOU

© 2020 RSM US LLP. All Rights Reserved.

July 9, 2020

HOW CYBER CRIME COSTS YOU

Page 3: Today’s Presenters

Sean Renshaw, Senior Director – RSM Risk Consulting
[email protected] / +1 312 634 4757

• National Leader – Digital Forensics and Incident Response

• Over 30 years’ experience conducting criminal and civil investigations throughout the U.S. and globally

− Subject matter and testifying expert witness on DFIR topics

− Instructor on digital investigations for the U.S. Department of Justice and U.S. Department of the Treasury

− Frequent speaker on digital forensics and cybersecurity

• I like standardized tests

− Certified Fraud Examiner (CFE)

− EnCase Certified Examiner (EnCE)

− Certified Computer Examiner (CCE)

− Digital Forensic Certified Professional (DFCP)

• I snoop for a living

Page 4: Today’s Presenters

Chris Ekimoff, Director – RSM Financial Consulting
[email protected] / +1 571 341 4195

• Southeast Region Leader – Financial Investigations & Dispute Services

• Almost two decades of forensic accounting, financial investigation, and litigation support experience

− Subject matter and testifying expert witness on financial fraud

− Previous matters include Madoff investigation, anti-terrorist financing, insider trading allegations, and whistleblower investigations

− Volunteer with AICPA, ACFE, VSCPA, and local colleges & universities regarding fraud awareness, education, and best practices

• I also like standardized tests

− Certified Public Accountant (CPA) / Certified in Financial Forensics (CFF)

− Certified Fraud Examiner (CFE)

− Master Analyst in Financial Forensics (MAFF)

• My side gig is podcasting – the inSecurities Podcast from PLI

Page 5: Today’s Agenda

Cyber Incident Trends

You Are The Target

Case Studies

Things To Know

Internal Control Considerations

Page 6: OVERVIEW OF CYBER INCIDENT TRENDS

Page 7: Cyber Incident Trends – Attack Types 2019

Attack type                  Share of incidents
Business Email Compromise    38%
Ransomware / Malware         35%
Forensic Technology          14%
Other                        13%

Source: Cyber incidents handled by RSM 5/1/2019 – 4/30/2020

Page 8: Cyber Incidents – Organization Size 2014–2018

[Chart: incidents by organization size – NANO (<$50M), MICRO ($50M - $300M), SMALL ($300M - $2B), OTHER / UNKNOWN]

Source: https://rsmus.com/what-we-do/services/risk-advisory/cybersecurity-data-privacy/the-real-cost-of-a-data-breach.html

Page 9: The Digital High Seas—Not Your Normal Pirates

Page 10: The Digital High Seas—Not Your Normal Pirates

Page 11: HOW ARE YOU BEING TARGETED?

Page 12: How Are You Being Targeted? Social Engineering

Page 13: How Are You Being Targeted? Malware

Page 14: Mind On My Money

Page 15: What’s The Cost?

[Chart: approximate underground market prices for stolen data, by category]

Categories shown: Social Security Number, Online Payment Services, Driver License, Loyalty Accounts, Diplomas, Passports, Credit or Debit Cards (With CCV #: ~$1; With Bank Info: ~$5; Full Info: ~$15), Non-Public Financial, General Logins, Subscription Services, Medical Records

Price ranges shown on the chart: ~$0, ~$1, ~$1 - $10, ~$1 - $50, ~$1 - $100, ~$5 - $20, ~$20 - $1000, ~$100 - $400, ~$300+, ~$500+

Page 16: What’s The Cost?

[Bar chart: average loss per incident, y-axis $0 to $180,000]

BUSINESS EMAIL COMPROMISE    $166,000
RANSOMWARE                   $72,000
ROBBERY                      $1,373

Page 17: So What’s The Harm?

• Over $12 billion in losses since 2013 due to business email compromise (Source: FBI IC3)

• Average robbery loss: $1,373 (Source: 2017 Uniform Crime Report); average BEC loss: $159,469 (Source: FBI IC3)

• Nearly $100 million in losses for nine SEC issuers; all lost at least $1 million, and two lost over $30 million (Source: SEC Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934 Regarding Certain Cyber-Related Frauds Perpetrated Against Public Companies and Related Internal Accounting Controls Requirements)

Page 18: Case Study – Wire Transfer Fraud Security Incident

Page 19: Case Study – Ransomware Security Incident

Page 20: How Did That Happen?

Page 21: THE MORE YOU KNOW

Page 22: Key Considerations

• Understanding the attack scenario

• Evaluating the entity’s response to the cyber event

• Evaluating the recovery and remediation approach

• Due diligence can be your friend

Page 26: Cybersecurity Best Practices – It’s EVERYONE’S Role

Page 27: Cybersecurity Best Practices

Page 28: Password Worst Practice

RANK  PASSWORD       RANK  PASSWORD
1     123456         13    1q2w3e4r
2     123456789      14    admin
3     qwerty         15    qwertyuiop
4     password       16    654321
5     1234567        17    555555
6     12345678       18    lovely
7     12345          19    7777777
8     iloveyou       20    welcome
9     111111         21    888888
10    123123         22    princess
11    abc123         23    dragon
12    qwerty123      24    password1

Source: SplashData - https://www.teamsid.com/1-50-worst-passwords-2019/
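A list like this is only useful if it is enforced at password-set time, and a naive exact-match check is easy to dodge ("Password1!", "Qw3rty"). The following is an added example, not code from the RSM deck: a banned-password screen that normalises the candidate before looking it up in the slide's 24-entry table. The leetspeak substitutions, the trailing-digit stripping, the keyboard-row check and the 12-character floor are this example's own assumptions about what a sensible filter does; only the denylist itself comes from the slide.

```python
"""Banned-password screening against the deck's "worst passwords" table.

Added example, not code from the RSM deck: the 24 entries below are the
SplashData list reproduced on the slide; the normalisation rules, the
leetspeak table, the keyboard-row check and the 12-character floor are this
example's own assumptions about what a sensible filter should do.
"""
from __future__ import annotations

import re

# The slide's table, ranks 1-24 (SplashData, 2019).
WORST_PASSWORDS_2019 = (
    "123456", "123456789", "qwerty", "password", "1234567", "12345678",
    "12345", "iloveyou", "111111", "123123", "abc123", "qwerty123",
    "1q2w3e4r", "admin", "qwertyuiop", "654321", "555555", "lovely",
    "7777777", "welcome", "888888", "princess", "dragon", "password1",
)

# Assumed leetspeak substitutions users apply to slip past an exact-match list.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

# Assumed keyboard rows used to catch walks such as "asdfghjkl".
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")


def candidate_forms(password: str) -> set[str]:
    """All spellings of `password` that are compared against the denylist.

    Lower-cases the input, strips a trailing run of digits/punctuation
    ("Password1!" -> "password"), and undoes leetspeak ("Qw3rty" -> "qwerty").
    The plain lower-cased form is kept so all-digit entries still match.
    """
    lower = password.lower()
    stripped = re.sub(r"[\d\W_]+$", "", lower)
    forms = {lower, stripped, lower.translate(LEET), stripped.translate(LEET)}
    forms.discard("")
    return forms


def is_keyboard_walk(password: str, min_len: int = 5) -> bool:
    """True when the whole password is a run along one keyboard row."""
    s = password.lower()
    if len(s) < min_len:
        return False
    return any(s in row or s in row[::-1] for row in KEYBOARD_ROWS)


def screen_password(password: str,
                    denylist=WORST_PASSWORDS_2019,
                    min_length: int = 12) -> list[str]:
    """Return the reasons a password is rejected; an empty list means accepted."""
    reasons = []
    if len(password) < min_length:
        reasons.append(f"shorter than {min_length} characters")
    hits = candidate_forms(password) & set(denylist)
    if hits:
        reasons.append(f"matches banned password {sorted(hits)[0]!r} after normalisation")
    if re.fullmatch(r"(.)\1+", password):
        reasons.append("single repeated character")
    if is_keyboard_walk(password):
        reasons.append("keyboard-row sequence")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs for the demo run.
    for pw in ("Password1!", "Qw3rty", "7777777", "asdfghjkl",
               "correct horse battery staple"):
        verdict = screen_password(pw)
        print(f"{pw!r:34} -> {'OK' if not verdict else '; '.join(verdict)}")
```

In production the 24-entry tuple would be swapped for a much larger breached-password corpus and the check run server-side at every password change; the normalisation step is what turns a top-25 list from a trivia slide into a control that actually rejects the variants users reach for first.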

Page 29: WHAT DO CONTROLS HAVE TO DO WITH CYBER?

Page 30: Catching It Yourself Saves You Money

Page 31: Catching It Yourself Saves You Money

Page 32: COSO Prescribes it

Page 33: The SEC Advises It

• “Having sufficient internal accounting controls plays an important role in an issuer’s risk management approach to external cyber-related threats, and, ultimately, in the protection of investors.”

• “What is clear…is that internal accounting controls may need to be reassessed in light of emerging risks, including risks arising from cyber-related frauds.”

• “Given the prevalence and continued expansion of these attacks, issuers should be mindful of the risks that cyber-related frauds pose and consider, as appropriate, whether their internal accounting control systems are sufficient to provide reasonable assurances in safeguarding their assets from these risks.”

Source: SEC Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934 Regarding Certain Cyber-Related Frauds Perpetrated Against Public Companies and Related Internal Accounting Controls Requirements (October 16, 2018)

Page 34: COSO Prescribes it

Page 35: COSO Prescribes it

Page 36: Examples Include

• Mandate that all employees receive security awareness training at least annually

− Offer targeted training on specific types of threats to a specific population (e.g., phishing-focused training for those who have the authority to release wires)

• Conduct periodic penetration assessments to test both the IT security infrastructure and social engineering prevention

• Implement two-factor authentication technology for all high-risk access points, including VPN and remote access to email

• Engage a third-party professional services provider to evaluate cybersecurity and privacy compared with industry benchmarks and to obtain a listing of gaps for future remediation

Page 39:

This document contains general information, may be based on authorities that are subject to change, and is not a substitute for professional advice or services. This document does not constitute audit, tax, consulting, business, financial, investment, legal or other professional advice, and you should consult a qualified professional advisor before taking any action based on the information herein. RSM US LLP, its affiliates and related entities are not responsible for any loss resulting from or relating to reliance on this document by any person. Internal Revenue Service rules require us to inform you that this communication may be deemed a solicitation to provide tax services. This communication is being sent to individuals who have subscribed to receive it or who we believe would have an interest in the topics discussed.

RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit rsmus.com/aboutus for more information regarding RSM US LLP and RSM International.

RSM, the RSM logo and the power of being understood are registered trademarks of RSM International Association.
