100 likes | 202 Views
Steve Gold, IT expert on the Business IT Guide. What are the most important IT skills that accountants need to have?. Steve Gold, Business/IT Security Journalist AccountingWEB event July 15, 2008. Agenda. Steve Gold - who on earth is this guy? IT skills needed by modern accountants
E N D
What are the most important IT skills that accountants need to have? Steve Gold, Business/IT Security Journalist AccountingWEB event July 15, 2008
Agenda • Steve Gold - who on earth is this guy? • IT skills needed by modern accountants • Fraud and security threats – what’s happening? • How to protect you and your systems • Lessons learned • Further information
Audit security is a state of mind • IT threats are becoming hybridised and multi-vectored • Hackers are out to extract revenue from your organisation • So what are the main threats? • Phishing • Trojan horses • Electronic eavesdropping • Man-in-the-middle attacks • Fraud will always take the path of least resistance
Finjan IT threats report – July 15, 2008 • The cybercrime world is continually evolving • Welcome to the world of crimeware • Similar to the legitimate business world, organisations are structured to supply their customers with a product or service while generating revenue. • With the transition from “hack for fame” to “cybercrime for profit”, the industry is seeing see the rise of well-structured and highly effective cybercrime organisations.
Business Challenges • How do you protect your systems from these threats? • Multiple layers of security • Out-sourced or in-house security? • Where does the audit function sit in this brave new world? • Is it necessary to program to be an effective auditor? • Good applications software is the key
Business Challenges • Virtual servers pose a major threat to your audit function • Virtual servers are cost-effective • Virtual servers improve IT and business efficiency • Conventional IT audit techniques do not apply to virtual servers • Behavioural analysis may be the key to virtual server security
Conventional techniques are still viable • Pattern analysis (digital signatures) may be the key • Conventional IT security software use digital signature searching • Every IT transaction has its own digital signature • Pattern searching/analysis is the key to effective security • Pattern analysis may well be the key to future audit software
Conclusions • IT security and fraud threats are constantly evolving • IT security and the audit function are inextricably linked • Good security and auditing software is the key to fraud control • “It isn’t rocket science”
Sources of further information • Online resources are the key • www.ITProPortal.com - one of the very first technology Web sites to launch in the UK back in 1999 and now one of the UK’s leading business and technology resources. • http://wm.businessitguide.com - provides you with all the information you need to make IT decisions that are right for your business. We can help you identify those issues which affect your business and recommend a clearly defined course of action. • www.infosecurity-magazine.com – Security and anti-fraud systems news, reviews and observations for today’s accountants and auditors (and not just for techies).