The Cybersecurity Advisory Services Certificate (15.5 CPE Credits) will teach you how to help your clients navigate threats by becoming a trusted business advisor for their organization's cybersecurity risk management programs. Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes—whether public or private. Organizations are under increasing pressure to demonstrate that they are managing threats, and that they have effective processes and controls in place to detect, respond to, mitigate and recover from cybersecurity events. Cybersecurity yields potential business opportunities for a firm to better serve its clients. As a trusted business advisor, firm practitioners can provide advisory services that help companies spot cybersecurity weaknesses, identify potential risks and offer advice on how to safeguard information and systems. Learn how you can help your clients navigate threats by becoming a trusted business advisor for their organization's cybersecurity risk management programs. Upon completing the learning, you will be awarded with a certificate in the form of a digital badge to be proudly displayed anywhere on the internet—a personal blog, a social network like LinkedIn, Facebook, Twitter, Mozilla Open Badges, a biographical page on a company website, or an online resume. WHO WILL BENEFIT? Practitioners who are interested in providing cybersecurity advisory services and want to build their competencies in and understanding of these types of services. Likely participants may already have SOC for service organizations practices and are looking to expand into cybersecurity. Participants must have either IT expertise or access to IT professionals who possess the skills to perform this work. CPAs in public accounting firms who are providing non-consulting and advisory services for clients of the firms (e.g. tax or A&A services) and need to be able to intelligently convey the value of a cybersecurity risk management program to their clients (to then hand off to the cybersecurity specialist within the firm). Management accountants and internal auditors who want to understand the types of services available to their organizations related to the management of cybersecurity risks KEY TOPICS Cybersecurity risk management program overview Cybersecurity advisory service opportunities Cybersecurity examination services versus advisory services Cybersecurity frameworks, including the AICPA cybersecurity risk management program reporting framework Drivers for cybersecurity advisory needs Gap analysis and risk assessment Common cybersecurity advisory services, such as SOC for Cybersecurity readiness assessments and penetration testing Tools to effectively perform advisory services including qualifications and certifications, backgrounds and expertise, and other resources you would need to market and deliver in a quality manner LEARNING OBJECTIVES Articulate the nature and types of cybersecurity advisory services that can be performed. Identify key considerations of each of those advisory services. Recognize what one would need to effectively perform advisory services. Want to learn more about all of the cybersecurity certificates? Learn More Digital Badge: Your Professional Distinction Set yourself apart as a future-ready financial professional. Upon completion, you will be awarded with a certificate in the form of a digital badge. Digital badges allow you to distinguish yourself in the marketplace and show your commitment to quality. The badge can be posted to your social media profiles and linked to your resume or email signature, providing maximum visibility to your achievement. Credit Info CPE CREDITS: Online: 15.5 (CPE credit info) NASBA FIELD OF STUDY: Information Technology LEVEL: Basic PREREQUISITES: None ADVANCE PREPARATION: Assumed knowledge of the Trust Services Criteria and the Cybersecurity Description Criteria DELIVERY METHOD: QAS Self-Study COURSE ACRONYM: CSADV Online Access Instructions A personal pin code is enclosed in the physical packaging that may be activated online upon receipt. Once activated, you will gain immediate online access to the product for one full year. System Requirements AICPA’s online CPE courses will operate in a variety of configurations, but only the configuration described below is supported by AICPA technicians. A stable and continuous internet connection is required. In order to record your completion of the online learning courses, please ensure you are connected to the internet at all times while taking the course. It is your responsibility to validate that CPE certificate(s) are available within your account after successfully completing the course and/or exam. Supported Operating Systems: Macintosh OS X 10.10 to present Windows 7 to present Supported Browsers: Apple Safari Google Chrome Microsoft Internet Explorer Mozilla Firefox Required Browser Plug-ins: Adobe Flash Adobe Acrobat Reader Technical Support: Please contact [email protected].

The SOC for Cybersecurity Certificate Program (14.5 CPE Credits) will teach you how to help your clients navigate threats as a trusted business adviser for their cybersecurity risk management programs. Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes – whether public or private. The result? Your clients are under pressure to demonstrate that they are managing threats. And that they have effective processes and controls in place to detect, respond to, mitigate and recover from cybersecurity events. The framework for cybersecurity attestation SOC for Cybersecurity meets a growing business need for attestation. It's a solution that builds upon the accounting profession's experience in auditing system and organization controls. For clients whose cybersecurity risk management programs are mature, an independent CPA can perform an examination and express an expert opinion: Is the program accurately described? Are the controls effective? Your opportunity as a cybersecurity adviser This self-study certificate helps you understand how to perform SOC for Cybersecurity attestation examinations using the AICPA's new cybersecurity risk management reporting framework. As a certificate recipient, you'll be among the first to showcase your knowledge about the AICPA's profession-wide approach to cybersecurity. Digital badges: Your professional distinction After you complete the three-part webcast series, you will be awarded a certificate in the form of a digital badge. Proudly display it anywhere on the internet – a personal blog, a social site such as LinkedIn, Facebook or Twitter, Open Badges, a bio page on a company website or your email signature. WHO WILL BENEFIT? Note: You must have either IT expertise or access to IT professionals who possess the skills to perform this work. Public accounting practitioners interested in providing cybersecurity attestation services (SOC for Cybersecurity) and in building competencies in and understanding of this service Professionals who already have SOC for Service Organizations practices and are looking to expand into cybersecurity attestation services Management accountants and internal auditors who want to understand the SOC for Cybersecurity examination service available to their organizations related to their cybersecurity risk management program KEY TOPICS Cyberthreat landscape and the terminology used to describe various aspects of cybersecurity Various SOC services Components of cybersecurity risk management program How to use the description criteria How to use the control criteria to assess an entity's controls over cybersecurity Key considerations prior to accepting a cybersecurity examination engagement and key planning considerations Key steps involved in performing the cybersecurity risk management examination Key factors to consider while forming the opinion and preparing the practitioner's report LEARNING OBJECTIVES Understand the AICPA's Cybersecurity Risk Management reporting framework and how IT organizations and practitioners may use it to evaluate controls and communicate certain cybersecurity information to interested parties. Analyze the components of an organization's cybersecurity risk management program. Recognize the performance and reporting requirements of a SOC for Cybersecurity examination. Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes – whether public or private. Digital Badge: Your Professional Distinction Set yourself apart as a future-ready financial professional. Upon completion, you will be awarded with a certificate in the form of a digital badge. Digital badges allow you to distinguish yourself in the marketplace and show your commitment to quality. The badge can be posted to your social media profiles and linked to your resume or email signature, providing maximum visibility to your achievement. Credit Info CPE CREDITS: Online: 14.5 (CPE credit info) NASBA FIELD OF STUDY: Auditing LEVEL: Intermediate PREREQUISITES: Familiarity with the cybersecurity description criteria and the trust services criteria ADVANCE PREPARATION: None DELIVERY METHOD: QAS Self-Study COURSE ACRONYM: CSATT Online Access Instructions A personal pin code is enclosed in the physical packaging that may be activated online upon receipt. Once activated, you will gain immediate online access to the product for one full year. System Requirements AICPA’s online CPE courses will operate in a variety of configurations, but only the configuration described below is supported by AICPA technicians. A stable and continuous internet connection is required. In order to record your completion of the online learning courses, please ensure you are connected to the internet at all times while taking the course. It is your responsibility to validate that CPE certificate(s) are available within your account after successfully completing the course and/or exam. Supported Operating Systems: Macintosh OS X 10.10 to present Windows 7 to present Supported Browsers: Apple Safari Google Chrome Microsoft Internet Explorer Mozilla Firefox Required Browser Plug-ins: Adobe Flash Adobe Acrobat Reader Technical Support: Please contact [email protected].

The Cybersecurity Fundamentals for Finance and Accounting Professionals Certificate course (15.5 CPE Credits) will help you develop fluency and gain confidence to make sound strategic decisions regarding cybersecurity risk. You’ll also learn what you should be doing as a non-IT professional, to help protect your clients and your organization from cyber threats. Understand cybersecurity—and be part of the solution. The threats from cyber-attacks are real, and can: Disrupt businesses Result in financial losses Destroy an organization's reputation In fact, cybercrime damage costs are expected to hit $6 trillion annually by 2021. Organizations are under pressure to show that they have effective processes in place to detect, mitigate, and recover from cybersecurity events. This certificate course gives you a foundation in cybersecurity so you can provide valuable leadership within your organization—or with your clients. What do you need to know about cybersecurity? You don't have to become an IT expert. But, you do need to be able to speak intelligently and: Understand key elements of the AICPA's cybersecurity risk management reporting framework; Learn the terminology and the right questions to ask; Understand the potential risks and opportunities for your organization or clients; Help advise on investments in cybersecurity or identify roles for cybersecurity specialists; and, Apply a security mindset to your daily work. Gain expertise—and show it with this certificate and digital badge As cybercrime threats grow, it's essential for financial professionals to understanding what the risks are and how mitigate or manage them. This interactive, self-paced certificate program, authored by cybersecurity expert Chris Romeo, will help you acquire these skills so you can: Add value to your organization Create opportunities for your career growth Consider exploring cybersecurity advisory as a specialization for yourself or your firm Who Will Benefit? Finance professionals CFOs and business managers Controllers and internal auditors Management and public accountants Key Topics Cybersecurity terminology and digital transformation Attacks and the security mindset Data breaches and privacy Cybersecurity frameworks including NIST CSF Elements of a cybersecurity risk management program Benefits of investing in cybersecurity Options for cybersecurity service offerings Learning Objectives Recognize the impact of digital transformation on business. Recognize key cybersecurity terms and what it takes to have a security mindset. Recognize the threat landscape and the importance of security to various technologies. Recognize how a data breach occurs and the organizational impact. Recognize the impact to the organization when privacy is compromised. Recognize the definition and purpose of a cybersecurity risk management program and description criteria. Identify which security framework(s) would be best for your organization or client. Identify the five functions described in the core of the NIST Cybersecurity Framework (CSF). Credit Info CPE CREDITS: Online: 15.5 (CPE credit info) NASBA FIELD OF STUDY: Information Technology LEVEL: Basic PREREQUISITES: None ADVANCE PREPARATION: None DELIVERY METHOD: QAS Self-Study COURSE ACRONYM: CSFD Online Access Instructions A personal pin code is enclosed in the physical packaging that may be activated online upon receipt. Once activated, you will gain immediate online access to the product. System Requirements AICPA’s online CPE courses will operate in a variety of configurations, but only the configuration described below is supported by AICPA technicians. A stable and continuous internet connection is required. In order to record your completion of the online learning courses, please ensure you are connected to the internet at all times while taking the course. It is your responsibility to validate that CPE certificate(s) are available within your account after successfully completing the course and/or exam. Supported Operating Systems: Macintosh OS X 10.10 to present Windows 7 to present Supported Browsers: Apple Safari Google Chrome Microsoft Internet Explorer Mozilla Firefox Required Browser Plug-ins: Adobe Flash Adobe Acrobat Reader Technical Support: Please contact [email protected].

The burnout rate of a Chief Information Security Officer (CISO) is pegged at about 16 months. In other words, that is what the average tenure of a CISO is at a business. At the end of their stay, many CISOs look for totally different avenues of work, or they try something else – namely starting their own Cybersecurity Consulting business. Although a CISO might have the skill and knowledge set to go it alone, it takes careful planning to launch a successful Cyber Consulting business. This ranges all the way from developing a business plan to choosing the specific area in Cybersecurity that they want to serve. How to Start Your Own Cybersecurity Consulting Business: First-Hand Lessons from a Burned-Out Ex-CISO is written by an author who has real-world experience in launching a Cyber Consulting company. It is all-encompassing, with coverage spanning from selecting which legal formation is most suitable to which segment of the Cybersecurity industry should be targeted. The book is geared specifically towards the CISO that is on the verge of a total burnout or career change. It explains how CISOs can market their experience and services to win and retain key customers. It includes a chapter on how certification can give a Cybersecurity consultant a competitive edge and covers the five top certifications in information security: CISSP, CompTIA Security+, CompTIA CySA+, CSSP, and CISM. The book’s author has been in the IT world for more than 20 years and has worked for numerous companies in corporate America. He has experienced CISO burnout. He has also started two successful Cybersecurity companies. This book offers his own unique perspective based on his hard-earned lessons learned and shows how to apply them in creating a successful venture. It also covers the pitfalls of starting a consultancy, how to avoid them, and how to bounce back from any that prove unavoidable. This is the book for burned-out former CISOs to rejuvenate themselves and their careers by launching their own consultancies.

Organizations face ongoing threats to their information technology infrastructure on a daily basis. These security struggles need to be approached with modern techniques, a holistic view of security, and a diverse body of knowledge. With the proper tools and training, managers in the Information Security and Cyber Security fields will be much more capable of finding success within their roles.The Certified Cyber Security Operations Manager certification course brings Cyber Security core competencies to advanced levels with new concepts and traditional best practices. Using 16 detailed learning objects, students will be provided with the knowledge and context needed to successfully manage the security of their technical environments. Focusing on the Information Security concerns of today, students will cover topics such as Cloud Security, Threat Intelligence Collection and Analysis, Vulnerability Management, Biometric Security Systems, Incident Response, Securing Systems with Cryptography, and the NICE Cybersecurity Workforce Framework.

This new self-study system delivers complete coverage of every topic on the Certified in Cybersecurity exam Take the Certified in Cybersecurity exam from (ISC)2 with confidence using the information contained in this comprehensive study guide. Written by two cybersecurity experts and successful authors, Cc Certified in Cybersecurity All-in-One Exam Guide offers background material, detailed examples, and accurate practice questions--all in a single volume. Each exam domain is presented with information mapped directly to the body of knowledge. Using the trusted "All-in-One" format, the book reviews every topic on the test and lays out the foundational knowledge, skills, and abilities necessary to be successful in an entry-level cybersecurity role. You will get historical and background information and technical details on core concepts as well as stories, discussions, and anecdotes from real-world cybersecurity experts. *Covers all exam domains established by the governing body, (ISC)2 *Online content includes 200+ practice questions in the customizable Total Tester exam engine *Written by a pair of cybersecurity experts and well-known authors

Organizations face ongoing threats to their information technology infrastructure on a daily basis. These security struggles need to be approached with modern techniques, a holistic view of security, and a diverse body of knowledge. With the proper tools and training, managers in the Information Security and Cyber Security fields will be much more capable of finding success within their roles.The Certified Cyber Security Operations Manager certification course brings Cyber Security core competencies to advanced levels with new concepts and traditional best practices. Using 16 detailed learning objects, students will be provided with the knowledge and context needed to successfully manage the security of their technical environments. Focusing on the Information Security concerns of today, students will cover topics such as Cloud Security, Threat Intelligence Collection and Analysis, Technology-Enabled Physical Security Systems, Incident Response, Asset Management, and Cyber Security Frameworks and the Security Stack.Domain 01: Cyber Security Frameworks and the Security StackDomain 02: Risk Management Frameworks and ImplementationsDomain 03: Asset Management and Resource ProfilesDomain 04: Secure Network Architecture for Non-ArchitectsDomain 05: Securing Systems and Data Using CryptographyDomain 06: Identifying Network Baselines and AnomaliesDomain 07: Incident Response and Remediation StrategiesDomain 08: Network and Host Data Collection MethodsDomain 09: Investigations, Evidence, and Chain of CustodyDomain 10: Business Continuity and Disaster RecoveryDomain 11: Vulnerability Assessment and ManagementDomain 12: Threat Intelligence Collection and AnalysisDomain 13: Cloud Computing Architecture and SecurityDomain 14: Technology-Enabled Physical Security SystemsDomain 15: Service Level Agreements and Legal ContractsDomain 16: Planning for Training, Testing, and Validation