Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Increasing cybersecurity awareness and fluency for compliance risk management
Journal of Financial Compliance,
4
(2),
126-139
(2020)
Abstract
This paper aims to explain the fundamental cybersecurity concepts that financial compliance professionals should know as well as shed some light on certain advanced cybersecurity concepts that are meaningful to understand. Knowledge of such technical terminology can enable effective communication between the compliance function, the information technology department, other members of senior management, third-party vendors, and inevitably, regulators.
Keywords: cybersecurity; privacy; encryption; access control; data breach; risk management
The full article is available to subscribers to the journal.
Author's Biography
E.J. Yerzak is Director of the Cyber IT Services Group within Compliance Solutions Strategies (CSS) — Ascendant Consulting Services. Yerzak assists advisers in hedge funds, private equity funds, funds of funds, pension and retail investment in bridging the gap between compliance and cybersecurity risk management. In addition to conducting compliance programme annual reviews, risk assessments and mock exams, Yerzak is the Director of Cyber IT Services of the technology team at CSS, which provides cybersecurity consulting services to its clients. In this capacity, Yerzak assists firms in assessing and managing their cybersecurity risk, from network vulnerability scanning and penetration testing to onsite cybersecurity assessments and assistance in implementing the National Institute of Standards and Technology cybersecurity framework. Yerzak has authored articles and alerts on emerging regulatory and technology issues, and is regularly requested to speak as a cybersecurity expert at industry conferences and events throughout the country. He is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC™). Yerzak holds a bachelor’s degree in both English and computer science, magna cum laude, from Colgate University; a master of science degree in computer information technology from Central Connecticut State University and a J.D., magna cum laude from Quinnipiac University School of Law. He is licensed to practice at the State Bar of Connecticut and in federal court before the US District Court for the District of Connecticut.
Michael Farrell is a consultant with the cybersecurity division of Compliance Solutions Strategies (CSS) - Ascendant Consulting Services) Cybersecurity division and is responsible for conducting cybersecurity risk assessments, policy gap analyses, vulnerability scanning, penetration testing and social engineering testing. Michael’s information technology background includes experience in network installations and management, hardware and software configuration and troubleshooting. Michael earned his bachelor’s degree in accounting from Central Connecticut State University and is a Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM).
