Cyberattacks on everything from Apple to zombie video games have made headlines.
The onslaught of security breaches has companies increasingly relying on a department not typically known for its role in preventing cyberthreats: internal audit.
Businesses have a growing need for internal auditors who can size up their data security policies and potential risks, said speakers at the 8th Annual Fraud Summit.
The conference, recently hosted by the University of Texas at Dallas Naveen Jindal School of Management, drew a sold-out crowd of 450 professionals.
Keynote speaker Kyle Maxwell, senior network security analyst for Verizon Business, said most security breaches investigated by his team have involved weak or stolen credentials.
Breaches can take months to discover, typically by law enforcement or other third parties, said Maxwell. He added that anti-virus programs are a good precaution but not a guarantee against attacks.
"Our detection stinks," Maxwell said. He added that companies express surprise when breaches are discovered.
"They say, 'We're compliant,'" Maxwell said. "That's great, but it's not working. I don't have all the answers, but we need to find them."
The Jindal School is working to add courses to fill the growing need for auditors skilled in evaluating hacking and malware threats.
"You're going to see some students coming out of UTD in the future who have a concentration in cybersecurity," said Mark Salamasick, director of the Center for Internal Auditing and senior lecturer in accounting, who organized the fraud summit.
A portion of the proceeds from the summit will be used for scholarships for students preparing for internal audit careers. The conference raised about $35,000 for scholarships and $50,000 for an internal audit endowment.
In 2011, The Center for Internal Auditing Excellence set a goal to raise $1 million for an endowment to support scholarships, teaching assistance, seminars, conferences, research, and educational programs. UT Dallas' internal audit program is one of five recognized by the Institute of Internal Auditors as a Center for Internal Auditing Excellence.
Hasan Pirkul, dean of the Naveen Jindal School of Management and Caruth Chair of Management, announced at the Fraud Summit that JSOM will provide a $50,000 matching contribution for the endowment. That brings the total raised so far for the endowment to $600,000.
The conference featured speakers from leading accounting and fraud investigation firms and UT Dallas faculty. Attendees each received a copy of A Guide to Forensic Accounting Investigation (John Wiley & Sons Inc.; 2011) co-edited by Steven Skalak, partner at PriceWaterhouseCoopers who gave an address on "Doing Business in the Big East: Emerging Assurance Issues in China."
The summit explored the many ways that auditors can use technology to detect fraud, including sessions on "How to Detect and Prevent Fraud Using Data Analysis" and "Cybercrime Inferno."
Verizon's Maxwell described fraud cases that were both galling and entertaining.
There was the computer programmer who outsourced his job to a programmer in China while he played video games and surfed the Web at work. Then there were the fraudsters who pulled off a multi-million ATM heist without going near an actual machine by taking advantage of a software misconfiguration.
The culprits were caught, providing successful conclusions — and plenty of lessons for auditors.
No entries found