Professionals in information security work to prevent the unauthorized access, use, disclosure, disruption, modification, inspection, recording, or destruction of information. It doesn’t really matter what form the information takes – it may be physical or electronic. The primary focus of information security is the balanced protection of the confidentiality, integrity, and availability of data while maintaining efficient policy implementation and without disrupting organizational productivity.
In the simplest context, cyber security is the protection of internet-connected systems, including hardware, software, and data, from cyberattacks. Information security is both electronic and physical security, a subset of cyber security.
Advisory services are typically when a CPA or other professional develops findings and recommendations to present to a client for consideration and decision making.
TOOLS & RESOURCES
- Cybersecurity Resource Center
- System and Organization Controls: SOC Suite of Services Resource Center
- What is the Dark Web? | CNBC Explains - YouTube
- Cybersecurity – Homeland Security
- VIDEO: Discover how high-tech investigations can benefit from low-tech solutions
- VIDEO: When hacking is ethical: Managing cybersecurity risk for the good guys
- VIDEO: Make it safe: Using and preparing reports for SOC® for Cybersecurity
- VIDEO: Understand the parameters and uses of a SOC 2+ engagement
LEARNING & PUBLICATIONS
- Certificate Exam – Advanced SOC for Service Organizations
- CPE – Cybersecurity Fundamentals for Finance and Accounting Professionals Certificate
- CPE – Cybersecurity Advisory Services Certificate Program
- CPE – SOC for Cybersecurity Certificate Program
- CPE – Introduction to SOC for Service Organizations Reporting
- Podcast - Cybersecurity and Financial Services
- Podcast - SOC 2®
- Podcast - SOC 2® Privacy Principles
- Publication – Reporting on an Entity's Cybersecurity Risk Management Program and Controls – Attestation Guide
- Publication – SOC 2® Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy Guide
- Publication – Reporting on an Examination of Controls at a Service Organization Relevant to User Entities' Internal Control Over Financial Reporting (SOC 1®) Guide