Internal control is an important focus for auditors as they commonly identify weaknesses in internal controls as an underlying cause of organizations struggling to deliver effective and efficient results. Through lecture, group discussions, and case studies, this course provides auditors with a comprehensive understanding of the five components of internal control and the 17 underlying principles. The course will explain the audit planning and...

The cyber-attack surface has exploded to include more than just hardware and on premises devices. This can make implementing CDM and achieving success even more difficult-- one of the most common challenges has always been finding the time and resources to do so. So how are agency cyber leaders keeping up? While the Cybersecurity and Infrastructure Security Agency’s Continuous Diagnostics and Mitigation (CDM) program is now a dozen years...

All the elements of the U.S. healthcare system are under siege by hackers. A recent article in Modern Healthcare reported that “[o]ver the past five years, there’s been a 256% increase in large breaches reported to [the U.S. Department of Health and Human Services] involving hacking and a 264% increase in ransomware.” Federal health agencies face the same risks – and private-sector attacks ripple through the agencies, a...

ISC2 Certified Cloud Security Professional 40 CPEs ISC2’s CCSP certification is a globally recognized credential that validates the expertise and knowledge of professionals in designing, implementing, and managing cloud security programs, policies, and architectures. The CCSP is valued by organizations seeking professionals capable of addressing the security challenges associated with cloud computing and ensuring the confidentiality, int...

Proper supply chain management and national security concerns have never been more interconnected. As geopolitical tensions bring cyber threats to the fore, the public and private sector must collaborate to ensure each link of the supply chain is secure. And everyone in the organization, from developers to senior leadership, must prioritize risk management across the entire threat landscape. Because cybersecurity risks can arise at any point i...

In today’s rapidly evolving cybersecurity landscape, Zero Trust has emerged as a critical strategy to defend organizational assets against persistent cyber threats. However, the presence of mobile devices in enterprise environments poses significant challenges to traditional Zero Trust implementations. As government agencies increasingly rely on mobile devices to conduct business and communicate, ensuring the security of these endpoints...

Election security is top of mind across the United States, from concern about malign foreign interference, to DDoS attacks against election websites, to the security of voting machines and their software, to insider and third-party threats, even to “swatting” of local election officials, to name just a few. At the heart of all these threats is the intent to change the outcome of political races. Outcomes, in the end, are determined...

Government agencies increasingly rely on mobile devices, making endpoint security crucial. This panel features government officials discussing innovative strategies to address mobile cyber threats within a Zero Trust framework. Learn how mobile security is vital to enhancing the effectiveness of a Zero Trust Architecture, providing stringent verification mechanisms to ensure the integrity of user and device access to critical resources. From i...

Hands-On Cyber Security Training in Denver Celebrating 35 Years of Cybersecurity Excellence Elevate your expertise with cyber security training at SANS Rocky Mountain Summer 2024 (June 17-22, MT). Led by industry-leading instructors renowned for their deep knowledge and practical insights, this event offers unparalleled, live access to your favorite cyber experts. Filled with hands-on labs, simulations, and exercises designed to equip you with...

Join us for our new two-day, interactive global workshops focused on identifying opportunities and managing the risks associated with artificial intelligence. Engage with your peers as we take an in-depth, hands-on look at how to secure the use of AI and discover ways AI uses our data through a practical risk management lens. Securing AI: Cybersecurity OperationsGain essential tools to secure systems in the AI era. Learn how AI can impact both...