Mitigating insider threats from a people perspective | CSO Online

Cyber threats come in various forms. A diverse threat actor landscape consisting of criminals, espionage actors, hacktivists, and more have demonstrated how successful they can be launching remote attacks. Gaining unauthorized access into networks, stealing sensitive intellectual property, financial, and personal identifiable information, and conducting defacements and denial-of-service attacks, are just some ways these hostile elements target organizations in both the public and private sectors. If enterprises want to understand how they can better invest in security defenses, build the necessary One class of actor that often gets overlooked is the insider threat, largely because they represent a hybrid type of actor that capitalizes on his physical access to conduct malfeasance, often leveraging some cyber aspect in the fulfillment of his goals. What is wrong with this picture?  Insiders can both be witting and unwitting. The unwitting or careless insider is an individual with legitimate accesses but who through poor judgment commits a security infraction that results in potential consequences for his organization (e.g., think the insertion of a USB key into an organization’s network). The witting or malicious insider is an individual that makes the conscious decision to abuse his access in order to obtain sensitive and/or financial information for personal gain or purposeful malicious intent (e.g., an individual like Chelsea Manning or Edward Snowden fits this category). A third type of insider is the remote actor or masquerading insider who has compromised legitimate credentials in order to gain access as a trusted individual on an organization’s network. One thing that all of these three types have in common: once inside, perimeter security can do little to deter their actions.

Source: Mitigating insider threats from a people perspective | CSO Online

Advertisements

Report: CFOs Eyeing New Revenue Management Tech, Practices | Accounting Technology

CFO.as_.Risk_.ManagerChief financial officers and senior management teams are reassessing their revenue management practices and technology, according to The New World of Revenue Management report released by the Institute of Management Accountants and FinancialForce, cloud ERP provider on the Salesforce App Cloud. According to the report, these reevaluations are in response to both the new revenue recognition accounting standards issued by the Financial Accounting Standards Board and the International Accounting Standards Board and a new category of usage-based business models that can positively influence a business’s valuation. These models include software subscriptions, recurring billing, professional services and product/service billing. Of the 235 survey respondents, IMA members that work as a CFO, controller, director or accounting manager, 30 percent recognize the new revenue recognition standards will impact their company somewhat or a great deal, and specifically, 55 percent said the new standards would impact their revenue processes and financial statements. Meanwhile, half of the respondents said their firms fall under GAAP revenue recognition guidelines, and of those who do not, two-thirds have not yet assessed the new standards. Spreadsheets are still the most commonly used method to track revenue recognition (for 60 percent of respondents), with ERP applications second at 46 percent. One-fourth of respondents have either weak or no controls over their existing revenue recognition systems, while 30 percent of the respondents plan to reassess their systems and controls because of the new requirements. Another 48 percent said “maybe” or “not sure” to reassessment. “We are in the midst of the as-a-service economy boom, which is making recurring revenue the central model of new and traditional businesses,” stated Raphael Bres, general manager for financial management applications at FinancialForce. “CFOs and senior management teams are at a crossroads and must address these major shifts or risk being non-compliant, inefficient, and worse yet, lose market share for failing to give customers the new billing models they want. As this survey underlines with the upcoming new revenue recognition rules, it is time to adopt a strong revenue management application, with customer retention in mind, helping companies to gain a reliable and predictable revenue stream, superior customer and revenue forecasting analytics, as well as automating complex accounting requirements.”  The full report is available for download here.

Source: Report: CFOs Eyeing New Revenue Management Tech, Practices | Accounting Technology