Cybersecurity Fighting Crime s Enfant Terrible - PDF

Please download to get full document.

View again

of 22
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Information Report



Views: 4 | Pages: 22

Extension: PDF | Download: 0

Related documents
Cybersecurity Fighting Crime s Enfant Terrible Abstract The purpose of this report is to review the cyber-threat landscape, to discuss cybersecurity and its future trends and areas of concern, and to highlight
Cybersecurity Fighting Crime s Enfant Terrible Abstract The purpose of this report is to review the cyber-threat landscape, to discuss cybersecurity and its future trends and areas of concern, and to highlight particular areas that are likely to have direct impact on the future of accountancy. As computers are playing an ever-increasing role in what finance professionals have to do on a daily basis, cybersecurity is becoming inextricably linked to such fundamentally important tasks as protecting the safety and continuity of the business, ensuring confidentiality of sensitive data and helping clients understand and manage a wide range of cyber-risks. Other key considerations are that cybersecurity is no longer a purely technical issue, and has become so complex that there is no single third party that a business can fully rely upon in order to stay secure. Professional accountants and finance professionals have to step up to the challenge and learn how to survive the tidal wave of cybercrime. About ACCA ACCA (Association of Chartered Certified Accountants) is the global body for professional accountants. We aim to offer business-relevant, first-choice qualifications to people of application, ability and ambition around the world who seek a rewarding career in accountancy, finance and management. Founded in 1904, ACCA has consistently held unique core values: opportunity, diversity, innovation, integrity and accountability. We believe that accountants bring value to economies in all stages of development. We aim to develop capacity in the profession and encourage the adoption of consistent global standards. Our values are aligned to the needs of employers in all sectors and we ensure that, through our qualifications, we prepare accountants for business. We work to open up the profession to people of all backgrounds and remove artificial barriers to entry, ensuring that our qualifications and their delivery meet the diverse needs of trainee professionals and their employers. We support our 178,000 members and 455,000 students in 181 countries, helping them to develop successful careers in accounting and business with the skills needed by employers. We work through a network of 95 offices and centres and more than 7,110 Approved Employers worldwide, who provide high standards of employee learning and development. About IMA IMA (Institute of Management Accountants), the association of accountants and financial professionals in business, is one of the largest and most respected associations focused exclusively on advancing the management accounting profession. Globally, IMA supports the profession through research, the CMA (Certified Management Accountant) credential, continuing education, networking and advocacy of the highest ethical business practices. IMA has a global network of more than 80,000 members in 140 countries and 300 professional and student chapters. Headquartered in Montvale, N.J., USA, IMA provides localized services through its four global regions: The Americas, Asia Pacific, Europe, and Middle East/Africa. For further information, please contact: Faye Chua Head of Business Insights, ACCA +44 (0) Dr Raef Lawson Vice President of Research and Policy Institute of Management Accountants The Association of Chartered Certified Accountants and Institute of Management Accountants, February 2016. Table of contents Acknowledgements 2 Foreword 7 Executive summary 8 1. Introduction Review of the cybersecurity landscape Future trends and areas of concern for cybersecurity Cybersecurity and the future of accountancy 22 Conclusion 27 Appendix A. A brief history of cybercrime how it all began 29 Appendix B. Basic safety practices 31 References 33 Cybersecurity Fighting Crime s Enfant Terrible 1 Acknowledgements Gary R. Brown CPA, CMA Managing Director at Gary R. Brown, CPA firm Gary is managing director of a full-service boutique CPA firm based in Georgetown, Texas, specialising in tax, accounting, and business management services. Previous experience includes chief financial officer and senior finance and technical management positions with both multinational and start-up organisations located in Asia, Latin America, and the US. He holds an MBA from Texas Tech University and an accounting degree from Montana State University. Gary has held global leadership positions with the Institute of Management Accountants and is a past president of the Stuart Cameron McLeod Society. Simon Cole FCCA Group Financial Controller at WS Atkins PLC Currently Simon is group financial controller and reporting director for WS Atkins plc, the FTSE 250 design and engineering consultancy that designs everything from roads to railways, hospitals to airports, not to mention the odd experimental nuclear fusion reactor. Simon has held a number of roles since joining the Group and has previously been divisional FD for large parts of the Group, both in the UK and in the Far East. His roles have taken him to numerous countries as the company has grown from fewer than 2,000 to 20,000 people, located in five regions and over 30 countries. Dr Toa Charm Founder and Chairperson, BI & Big Data SIG at Hong Kong Computer Society Toa Charm is the vice-president of the Hong Kong Computer Society. Toa is a widely connected and reputable senior executive and information technology professional in Asia-Pacific. He has more than 25 years of management experience with leading multinational and Chinese companies in Asia-Pacific. He was an associate partner of IBM GBS Greater China, regional head of the BI Competence Centre for HSBC Asia Pacific, general manager of BI Division for Oracle Greater China and managing director of Hyperion Greater China. He specialises in strategy, business model innovation, digital transformation, business intelligence (BI) and big data, FinTech, customer experience and loyalty, and internationalisation for Chinese enterprises. Faris Dean FCCA Head of Business Services at Bowden Jones Solicitors Faris heads the Business Services Department of Bowden Jones Solicitors. He advises and acts for clients on a range of matters including business sales and purchases, investment agreements, anti-bribery systems and data protection. Before joining Bowden Jones, Faris worked in law firms dealing with national and international commercial and corporate transactions. As well as practising as a solicitor for over 10 years, he is a qualified chartered certified accountant, having trained with two of the Big Four international accountancy firms. His understanding of financial issues affecting business often helps provide another perspective when advising clients on corporate and commercial transactions. 2 Alex Erchov Computer Technologies Consultant Alex started his career as a software engineer and then gradually progressed towards technical management. In the early 1990s he was at the forefront of internetorientated systems development, becoming an IT director of PeopleBank (The Employment Network) one of the first large-scale online recruitment systems in the UK. Several management positions followed, and then eventually Alex chose a role of a consultant, helping his clients navigate the technology minefield in search of the best possible solutions for their business needs. Matthew Harris ACA, ICAEW Chief Financial Officer at Constain Group Matthew was appointed finance director for the Natural Resources Division of Costain Group in November He has responsibility for the financial reporting and strategic planning of the water, power, and oil and gas sectors of Costain, as well as the integration of the recently acquired Rhead Group. Prior to joining Costain, Matthew was a director of Hanson Cement, and has previously held senior finance roles with American Water, Thames Water and BMW. Matthew qualified as a chartered accountant with Price Waterhouse, and became a fellow of the Institute of Chartered Accountants of England and Wales (ICAEW) in Dr Darren Hayes Director of Cybersecurity and Assistant Professor at Pace University Darren is a leading expert in the field of digital forensics and cybersecurity. He is director of cybersecurity and an assistant professor at Pace University, New York. He is listed by Forensics Colleges as one of the Top 10 computer forensics professors. He has developed a computer forensics programme at Pace, including setting up a computer forensics research laboratory. As a forensics examiner, he has worked on numerous cases involving digital evidence in both civil and criminal investigations. For a number of years, Darren has served on the board of the High Technology Crime Investigation Association. In late 2014, he published his latest book, entitled A Practical Guide to Computer Forensics Investigations. Shariq Khwaja Information Technology and Services Consultant Shariq is a freelance business consultant specialising in FinTech project management, who has successfully carried out initiatives for several high-profile partners, including the London Stock Exchange, Credit Suisse, Old Mutual, RBS and Lloyds Bank. He remains true to his software engineering roots and keeps his technical skills honed, continuing the development and testing of a set of algorithmic trading tools that he built as part of his MSc thesis. Cybersecurity Fighting Crime s Enfant Terrible 3 Acknowledgements Hastings Mtine FCCA, FZICA, LLB Unza Managing Partner MPH Chartered Accountants Hastings is the co-founder of MPH, which consists of three partners with over 80 years experience between them. The firm was founded in 2011 and its major focus is provision of services to SMEs. Hastings sits on a number of committees, including ACCA s Global Forum for SMEs. He also sits on three local Plc boards and was last year honoured with The Lifetime Achievement Award for 2014 issued by the local institute and IoD for his contribution to the development of the accountancy profession. He wants SMEs to focus on ICT ingenious development while being mindful of security concerns. Dilesh Magdani FCCA Director of Finance Operations at Specsavers Dilesh is the director of finance operations at Specsavers. He is an experienced senior professional and an awardwinning leader. He has worked in multinational blue chip, private and VC-backed organisations and has experience across a variety of industries, including retail, utilities, manufacturing, distribution, food and beverage. Dilesh is responsible for designing and implementing a global back-office footprint, and prior to this led the shared-service operations for Specsavers. He has previously created and led operations for Stella Travel Group and Premier Foods plc, and held various finance roles within National Grid plc, RS Components and T&N plc. Rob Mutchell ACCA BP Ventures Chief Financial Officer and BP Alternative Energy Head of Finance Rob holds two roles in BP as the chief financial officer for the Venture Capital unit and head of finance for the Biofuels division. As part of his remit, he serves as a non-executive director of two UK-based portfolio companies. Rob qualified as an accountant with ACCA in 1998, studying part-time while enjoying his first career as a professional footballer with Oxford United, Barnet FC and Stevenage Borough. Phil Talbot Head of Technical Services at Matrix Solutions Phil has over 17 years information technology experience. He is currently head of Technical Services at Matrix Solutions, a provider of business and customer intelligence solutions, bearing overall operational responsibility for all related physical assets, networks and communications, as well as systems architecture. Ensuring cybersecurity for the company to which clients entrust their data is one of Phil s topmost priorities. 4 Andrew Vorster Technology Foresight Consultant at With more than 30 years technology experience across a broad range of industries, Andrew has spent his entire professional career helping organisations understand and exploit the opportunities, and mitigate the risks, presented by new and emerging technology. He is a member of the World Future Society and recently left the position he had held for almost seven years as vicepresident of technology research for Visa Europe, in order to develop his own business. Emmanuel Walter FCCA Director at Winfos Capital Ltd Emmanuel is a highly accomplished and results-driven executive with more than 20 years international experience in Europe and Asia. He has previously held various senior financial and operational positions for large businesses (c. US$500m and 2,000 staff), such as multinationals Dialog Semiconductor, GE and ABB Power, specialising in the industrial sector (energy, manufacturing/engineering, automotive/ EV, semiconductor) as well as in the Chinese market, where he has worked 10 years as CFO for a company manufacturing power-related equipment. He is highly experienced in managing JVs. Belinda Young FCCA Director at Centrecourt Group of Companies, Singapore Belinda has been an ACCA member since Currently she is an ACCA Council member and also a member of the Qualifications Board, Global Forum for Business Law and Global Forum for Taxation. She set up an accounting firm 16 years ago and now has clients from over 15 countries and more than 18 different industries. Voluntary work is very familiar territory for Belinda, having offered her services to a myriad of non-profit organisations for the past 10 years. She has served on the boards of charities and numerous finance and audit committees. Cybersecurity Fighting Crime s Enfant Terrible 5 6 Foreword Cybercrime gets so much attention and coverage from the media that there is a danger of its being perceived as a kind of familiar, omnipresent and inevitable ill force that everyone simply needs to accept and learn how to live with. In fact, nothing can be further from the truth. Cybersecurity is a complex issue and it can only be ensured if businesses and individuals appreciate that they themselves have to accept a large part of the responsibility for it, because neither governments and law enforcement nor IT professionals can be relied upon to provide adequate protection. Ng Boon Yew, Executive Chairman, Raffles Campus Pte Ltd and Chairman, ACCA Accountancy Futures Academy It is now essential but no longer sufficient to understand and follow the basic rules of cyber-hygiene, as cyber-criminals constantly find new and inventive ways of perpetrating crime, at many different levels. This report by ACCA and IMA emphasises that finance professionals need to keep an eye on the changing cyber-threat landscape and be wary of knowledge gaps. A head in the sand attitude is not a viable option. Right at the heart of this is the issue of clients trust, which finance professionals have to keep, no matter what. For as long as cybercrime remains a threat to the trust that clients and customers have in finance professionals and companies, the future of accountancy depends on cooperation across the profession to help combat, and defeat, the enfant terrible of crime. Cybersecurity Fighting Crime s Enfant Terrible 7 Executive summary Throughout history, criminals always used advances in science and technology to try and gain a cutting edge in their struggle against law enforcement. From this point of view, cybercrime is the inevitable flip side of the Third Industrial Revolution, also known as the Digital Revolution. The role of computers in the modern world becomes more and more prominent, but unfortunately so does the danger that the cybercrime presents. Naturally, anything to do with finance is of particular interest to cybercriminals: thieves tend to follow the money. Therefore cybercrime presents clear and present danger for the future of the finance profession. Compared with more traditional types of crime, cybercrime is new but it is proving to be a true enfant terrible, causing massive disruption and financial damage to individuals, businesses and governments. Recent years have seen consistent increases in the scope, scale and technical complexity of cyberattacks, and 2014 was definitely the worst year on record to that date. Attacks were extremely wide-ranging and included destructive cyber-assaults by nation-states, successful attacks on Cloud providers, targeting of social media, new advances in ransomware, and more. As much as everyone would like to have an off-the-shelf silver bullet solution to the problems that cybercrime presents, such a solution simply does not exist, nor can it: the problem is too complex, too diverse and too fluid. Law enforcement around the world is desperately trying to bring cybercrime under control, but this is proving to be a very difficult thing to do. Unlike mainstream criminals, cybercriminals operate in a borderless world and their activities often leave very little, if any, physical evidence. Their tools and techniques are 8 widely available to those who want to use them, and are often free. This and the balance of potentially huge financial gain versus relatively low operational risk make cybercrime a very tempting proposition for technically minded people with idle hands. Consequently, the good guys have to learn how to counter these new cyber-weapons, as well as how to build powerful weapons and protection tools of their own. This, however, presents a problem of its own, as lack of transparency and adequate monitoring of the development work for such weapons and tools can potentially lead to misuse and is being currently widely questioned. A recent survey by ACCA shows that finance professionals are not overly concerned about the pervasive capturing and storage of, and access to, information, sometimes referred to as living in a fishbowl, so the future of these developments is far from clear. For instance, legal aspects of data encryption, and indeed its validity, have been recently questioned at the highest level (government), although such discussions seem unlikely to have an immediate impact on the development of relevant technologies. Another cybercrime issue that has to be considered is the increasing risk related to the use of new or quickly expanding technologies: mobile devices, contactless and mobile payment systems, the Cloud in its various incarnations, the IoT (Internet of Things), advanced personal authentication technologies, and, last but not least, social networking. While all these things are convenient and useful, they often introduce new security loopholes that cybercriminals look for and exploit. Cybersecurity is no longer a purely technical issue; the impact of a cyber-breach is typically felt across every aspect of a business and often involves operational, reputational and financial damage, as well as regulatory penalties. What is needed, but is still often lacking, is a strategic approach to mitigating cybercrime risks. Professional accountants and finance professionals can, and should, play a leading role in defining certain key areas of such an approach: creating reasonable estimates of financial impact that different types of cybersecurity breaches will cause, defining risk-management strategy, helping businesses to establish priorities for their most valuable digital resources. They can also closely follow the work of governments and various regulators, in order to have clear up-to-date information on relevant legislation and on requirements for adequate disclosure and prompt investigation of cyber breaches. Another vitally important aspect of cybersecurity is closely linked with maintaining clients and customers confidence. Safeguarding clients trust and ensuring confidentiality of sensitive data is a vital task for any accountancy practice. Therefore, as computers and electronic documents are playing an ever-increasing role in what finance professionals do on a daily basis, cybersecurity must become one of the key concerns. This is especially true because cybercriminals often use the so-called lateral movement ap
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks