Mr. Anderson, MCSE, CCNP, CISSP, CEH

Certified Ethical Hacker

Mr. Anderson is a “white hat” ethical security hacker and business continuity advisor with extensive experience in the development & implementation of security-focused audit and control programs. He is highly sought-after for his expertise in Cyber Security & Technology Assessments, including: security architecture reviews; penetration/vulnerability testing; business resiliency, disaster recovery and other remediation strategies; hardware system selection and configuration; cloud application security reviews; and wireless security assessments.

Mr. Anderson has a deep understanding of industry standards and extensive experience with internal controls evaluation, COSO, COBIT, ITIL, ITGCC, GLBA audits, and ISO, SOX 404 compliance requirements, including all phases of planning, evaluation, documentation, testing and remediation. He advises clients on merchant compliance with the Payment Card Industry Data Security Standard (PCI), as well as Health Insurance Portability and Accountability (HIPAA) privacy and security rules. He holds several globally recognized certifications for IT assurance and security, including: Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Cisco Certified Network Professional (CCNP), a Microsoft Certified Solutions Expert (MCSE), and an Amazon Web Services Certified Solutions Architect Professional (AWS CSAP). Mr. Anderson tests and monitors clients’ IT environments, including network topologies, firewalls and other security solutions, VPN configurations, hardware infrastructure design, and IT policies and standards. He identifies any potential system integrity exposure and control weaknesses and advises internal control owners to appropriately define and implement risk mitigation plans. He provides solutions that allow clients to cost-effectively address compliance obligations, validate their control environment, and better rely on their technologies to support complex business processes.

Education

Bachelor of Computer Science

Prior Experience

Healthcare Industry – Information Security Analyst
Manufacturing & Distribution – Senior IT Security Administrator
Manufacturing & Distribution – Senior CDR Engineer
United States Navy – Cryptologic Technician and SERE School Instructor

Publications

AAFCPAs eBook: Best Practices for Reducing IT & Cyber Risks

Professional Associations

Information Systems Audit and Control Association (ISACA)
The SANS Institute

Contributed Insights

AI Aids Cyber Crime, Elevates Need for Vulnerability Management and Employee Training

AAFCPAs would like to make clients aware that leading U.S. intelligence officials recently presented on the elevated risk of cybercrime, hacking, and money laundering stemming from the rise in artificial intelligence (AI). At the International Conference on Cyber Security at Manhattan’s Fordham University, Rob Joyce, Director of Cybersecurity at the National Security Agency, touched on […]

How to Right-Size Cybersecurity to Fit the Small Nonprofit

Organizations rely on technology for communicating, managing our work, assisting us in making accurate and timely decisions, assisting customers, and staying in the know wherever we go. But along with this comes a mounting risk of data breach. Particularly susceptible are small nonprofit organizations with fewer technical safeguards, outdated security protocols, and modest IT budgets. […]

October Designated National Cybersecurity Awareness Month

October kicks off National Cybersecurity Awareness Month (NCSAM), which is dedicated to raising public awareness on the importance of cybersecurity. Launched in 2004 by the U.S. federal government, NCSAM aims to encourage businesses and individuals to investigate potential risk along with strategies to improve the security of critical infrastructure. Where To Start The threat landscape […]