Business and IT Consulting
Internet of Things (IoT) and Cyber Security
What Is IoT And How Do Hackers Infiltrate Your Devices? An increasing number of companies are installing Internet of Things (IoT) devices on their networks. IoT devices are typically “black box” devices, the inner workings of which are unknown to most users. For example, HVAC systems, smart fridges, computer printers, and even cars can contain […]
Configuration & Application Vulnerabilities in Cyber & IT Security
Despite the best efforts of IT teams, organizations continue to be plagued with IT security vulnerabilities in their systems by both internal and external threats. The most common vulnerabilities are poor configurations and outdated/unpatched systems or applications. These vulnerabilities may subject your organization to the risk of hackers gaining access to sensitive employee or client […]
Eye on Cyber: A Day in the Life of an Ethical Hacker
“Innovation, organization, and sophistication—these are the tools of cyber attackers as they work harder and more efficiently to uncover new vulnerabilities,” reports Symantec in their 2018 Internet Security Threat Report. Ethical hacking services are a great way for organizations to unearth security weaknesses before they can be exploited by online criminals. In this instructive session, […]
Common Social Engineering Cyber Attacks and Prevention Strategies
What Is Social Engineering & What Are the Risks? The human component of cybersecurity is the weakest link in protecting your organization against external threats. Recently, social engineering attacks have become the most prevalent type of threat within reported cyber breaches. Social engineering is a malicious activity in which bad actors produce items such as […]
AAFCPAs to Present Workshop on Internal Controls & IT Countermeasures to Mitigate Risks
AAFCPAs’ Vassilis Kontoglis and David Kelleher will present an educational workshop on Best Practices in Internal Controls and IT Security to assist in mitigating risk at The Massachusetts Association of Early Education & Care (MADCA) Administration and Management Conference, in Worcester, MA on November 28th. Risk Management requires continuous improvement, and organizations must stay vigilant, […]
People, Processes and Technology, the Three-Legged Stool: AAFCPAs to Lead MNN Educational Workshop
AAFCPAs’ Partner Janice O’Reilly, CPA, CGMA and Manager Dawn Pantano, CPA, CITP will present a timely, educational workshop at the Massachusetts Nonprofit Network’s 2018 Annual Conference in Framingham, MA on October 10th on the topic of right-sizing the modern finance function.Nonprofit finance departments are often juggling the day-to-day accounting and bookkeeping responsibilities alongside more complex […]

Educational Podcast: Cybersecurity in 2018
Listen to Podcast Click here to listen to podcast or use the above media player. Techniques of cyber-criminals continue to evolve. A recent study shared by InfoSecurity Magazine reports “Cyber-criminals have adopted an organizational shift in how they carry out their work, implementing corporate best practices and establishing professional businesses to increase the efficiency of their attacks […]
AAFCPAs to Lead System and Organization Controls (SOC) Reporting Forum for PrimeGlobal, National CPA Firm Association
AAFCPAs’ James Jumes, MBA, M. Ed has been selected to lead the North American System and Organization Controls (SOC) Reporting Special Interest Group (SIG) for PrimeGlobal, an international association of independent accounting firms. James is uniquely qualified to lead this national SIG, which will serve as a forum for peers to share their interpretations and implementations of […]

AAFCPAs Earns SOC for Cybersecurity Services Certificate
AAFCPAs’ Partners James Jumes, MBA, M.Ed. and Robin Kelley, CPA, CITP, CGMA, CSPM, CCSFP have earned the System and Organization Controls (SOC) for Cybersecurity Certificate issued by The Association of International Certified Professional Accountants (AICPA). SOC for Cybersecurity is a new entity-wide cybersecurity audit that allows organizations to voluntarily report on their cybersecurity management programs […]