Cybersecurity is one of the biggest internal control areas that need executive attention. You just received an urgent call from the CEO. An e-mail was received demanding $10M Bitcoin to be paid as ransom to unencrypt the company's data. "Oh no! Maybe if we audited the organization's Cybersecurity program and controls before this happened, we might not be in this mess!" Sound familiar? Hundreds of Security, Compliance and Audit professionals ha...

Audits of "SOC" (System and Organization Controls) have been governed starting on May 1, 2017 by the application of "SSAE" (Statement of Standards for Attestation Engagements) 18. This new AICPA Standard replaces SSAE 16, just as SSAE 16 replaced SAS 70. This new standard will require the users of these reports to change their compliance programs to fit the new reporting standards. SSAE 18 is more comprehensive than the prior standards. Learn...

"How can you equip your staff with the policies and tools to make your business information, computers and devices as secure as possible?"This program focuses on the policies, methodologies, processes and tools needed to prevent, detect and monitor cybersecurity threats and provide for an effective program. As more and more data breaches are disclosed, cybersecurity remains at the front of many business leaders' minds. Data breaches are a con...

New cybersecurity risk regulations for all organizations are approaching faster than you might think. "Computers, software, programming and algorithms are all parts of a cybersecurity risk program, but it is the interaction with the "humans" that makes all the difference in the world." An effective cybersecurity risk program requires an organization to have everything from program policies to incident response plans to specific breach notifica...

SANS SEC560: Network Penetration Testing and Ethical Hacking, is our flagship course for penetration testing. As a cybersecurity professional, you have a unique responsibility to find and understand your organization's vulnerabilities and to work diligently to mitigate them before the bad guys pounce. Are you ready? This course fully arms you to address this task head-on. SEC560 is the must have course for every well-rounded security professio...