Actions and Detail Panel
IIA-Calgary / Managing the risk of insider threats and cyber attacks - E&Y...
Fri, 28 April 2017, 11:30 AM – 1:15 PM MDT
"Managing the risk of insider threats and cyber attacks"
An organization’s critical digital and physical assets are becoming more and more exposed through increased connectivity, differing global regulatory requirements, and potential security weaknesses within complex supply chains.
This lunch & learn session will be held Friday, April 28th, at the Calgary City Centre (+15 Conference facilities), located at 215 – 2nd Street SW, T2P 1M4 in Calgary.
Lunch is provided by E&Y LLP.
Doors will open at 11:30, as registration and mingling will precede the presentation that will run from 12:00 to 12:55. A self-serve catered sandwiches buffet will be available for attendees. This lunch & learn, sponsored by E&Y, is open to IIA members in good standing. Please be punctual and arrive before 11:55.
An insider threat is a current or former employee, contractor or business partner, who has or had authorized access to an organization’s network systems, data or premises, uses that access to compromise the confidentiality, integrity or availability of the organization’s network systems, data or premises, whether or not out of malicious intent.
Insider threats can include fraud, theft of intellectual property (IP) or trade secrets, unauthorized trading, espionage and IT infrastructure sabotage.
An insider threat may be present or developing over a period of time with indicators that can be categorized as “direct” or “indirect,” each requiring different types of tracking mechanisms. “Direct” risk indicators are usually abnormal activities that deviate from day-today work activities. Examples include downloading large volumes of data to external drives, accessing sensitive information that bears no direct relevance to normal job duties or emailing confidential data to a personal account. “Indirect” risk indicators are usually patterns of human behavior that require analysis to reveal suspicious motives. Examples include sudden overuse of negative emotive words in electronic communications, expressing desire to resign over social media, and demonstrating ties to high-risk personnel or outside parties.
This session will provide an overview of leading practices used to manage the risk of insider threats.
Jennifer Hookey, CPA, CA, CFE, CFF
Jennifer leads EY’s Fraud Investigation and Dispute Services practice in Alberta and with more than 16 years of dedicated forensic experience, she has acted as both a consulting expert and independent accounting expert. Jennifer has also has undertaken and led a broad range of investigations in Canada and overseas involving fraud, misappropriation of assets, bribery and corruption, facilitation payments, financial statement fraud, employee misconduct, insider trading, procurement fraud, theft of intellectual property, whistleblower accusations and other forms of inappropriate behaviors in business.
Vitaly Sokolov, MSc, CISSP, CISM, CISA
Vitaly is the leader of EY’s Cybersecurity practice in the Energy sector. He brings solid knowledge and nearly 20 years of hands-on experience in the areas of IT security operations, governance, risk and compliance management, critical infrastructure protection, threat detection and incident response. Prior to his role with EY, he led information security function at a Calgary-based Fortune 500 energy company where he had built an effective cyber risk management program from the ground up. He graduated from London School of Economics and holds three professional designations: Certified Information Security Professional, Certified Information Systems Auditor and Certified Information Security Manager.
Registration & Details: RSVP early / Space is limited.
* IIA-Calgary Member in good standing: Free
* Non Members: N/A as open to IIA members only
CPD Credit: 1.0 verifiable hour.
For more information: contact the IIA Chapter at firstname.lastname@example.org
IIA-Calgary Chapter Events Partner