Category: Risk & Advisory

Getting Started with Cybersecurity Training

By Darren Hulem, CISA, CEH, Security+, Supervisor and Tom Brown, CAPM, Security +, Senior Risk Analyst TLDR: End user cybersecurity training is essential for preventing malicious actors from gaining unauthorized access to your organization’s network. Creating a risk-averse organization involves making your staff aware of best-practices for identifying common attacks, like phishing scams. At the…

Read more ›

Internal Audit: Preventing Fraud through Travel & Expense Reimbursement Audits

By Kristen Ocampo, CPA, Senior Internal Auditor Travel & Expense (T&E) reimbursement fraud can have a significant impact on your organization. The Association of Certified Fraud Examiners’ 2022 Report to the Nations found the average loss from an expense reimbursement scheme was $152,000. The report, which is based on a worldwide survey of Certified Fraud…

Read more ›

Obtaining Cyber Insurance For Your Organization

By Darren Hulem, CISA, CEH, Security+, Supervisor, IT and Risk & Advisory Services As cyberattacks grow in frequency and complexity, organizations are asking, “Is Cyber Insurance worth it?” The short answer is “Absolutely!” Before contacting an insurance company, we recommend some research and due diligence to position your organization for reasonable rates. Coverages can vary…

Read more ›

Survey Highlights Pace and Complexity of Risks for Nonprofits

Enterprise risk management is becoming more common in the not-for-profit sector, but recent research finds that risk management practices are not keeping pace with the increased complexity of risks for nonprofits. On July 12, 2022, the Enterprise Risk Management (ERM) Initiative at NC State University published the 13th edition of its annual State of Risk…

Read more ›

IP Reputation: Are You Being Blacklisted?

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Your organization’s reputation can be influenced by a variety of factors including brand image, online reviews, social media presence, customer experience, and more. Each of these elements factors into the overall image of the organization. When it comes to your internet reputation, important elements are different…

Read more ›

Brand Monitoring: Tracking Your Social Footprint

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Have you ever wondered how end users view your company? Is your domain seen as safe and trusted? Is your website optimized? These are just some of the areas that business analytics tools assess to evaluate your brand. Every organization is adapting to the changing digital…

Read more ›

Web Ranking: How Do You Measure Up?

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     While web ranking is not necessarily a security concern, having insight into the popularity of your website helps measure the success of ad campaigns, assess visitor engagement with your content, and identify opportunities for growth. Web ranking sites include Alexa, Cisco, and Majestic, and each site…

Read more ›

Fraudulent Applications: Are Attackers Pretending to be You?

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     When downloading a new app, be sure it’s from a credible source. Hackers can create fraudulent applications that look very similar in name or appearance to well-known apps. To make matters worse, these fake apps can sometimes be found on trusted sites like the Apple or…

Read more ›

Fraudulent Domains: Are You a Victim of Typosquatting?

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Fraudulent domains look very similar to your organization’s domain name and are used to fool people into thinking they are interacting with you. These domains are often used in phishing attacks, which according to CSO Online, account for more than 80% of all reported security incidents….

Read more ›

DNS Health: Ensure your organizations’ identity is protected

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Your organization’s domain name (e.g. “example.com”) serves as the base of operations for your online identity – helping interested parties to find you and connect with you online. However, the underlying machine language of the internet is based on numbers. Every site on the internet has…

Read more ›