LIVESTREAM - Cyber Security Conference

Wednesday, November 10 8:20am - 3:00pm

(Check-In 8:15am)

Add to Calendar

Online

6.00 Credits

Member Price $199.00

Price will increase by $25 on 11/3

Non-Member Price $294.00

Price will increase by $25 on 11/3

Overview

CPA firms and accounting departments are being specifically targeted and are under attack. Find out what you can do today to keep your data safe. This CTCPA conference, sponsored by the Technology Committee, is designed for CPAs. With cyber crime on the rise, you can't afford to miss this informative program.

Designed For

All CPAs and accounting professionals

Notice

By registering for this program and, accordingly, receiving the eMaterials, you're acknowledging that you understand both the copyright restrictions on your eMaterials and the CTCPA cancellation policy.

Wednesday, November 10

General Session

8:30am - 9:00am CT Cyber Security Legislation

Caroline Simmons State Representative, 144th District, CT State Capital Building

Caroline Simmons

Caroline B. Simmons is honored to represent the 144th District in Stamford, Connecticut, where she has served as a State Representative since 2014. She was appointed to be the chair of the Commerce Committee in her second term and successfully introduced, led debate, and helped pass over 16 bipartisan business bills on the House Floor. She is a passionate advocate for women and minority owned businesses and has helped passed legislation to provide more grants and access to capital to entrepreneurs and start ups and to support small business and job growth across CT. She also serves on the Higher Education and Employment and Human Services Committees, and was a member of the Public Safety and Security Committee. She was Awarded the 2015 Police Chiefs’ Legislator of the Year Award and the 2017 NARAL Pro Choice Connecticut Legislative Champions Award. Caroline also serves on the bi-partisan Young Legislators’ and Women’s Caucuses.

Previously, Caroline worked at the U.S. Department of Homeland Security (DHS) for four and a half years. At DHS, Caroline served as a Special Assistant in the Office of the Secretary, a Policy Analyst in the Office of the Middle East, Africa, and South Asia, and as a Director of Special Projects in the Counterterrorism Coordinator’s Office at Homeland Security. In these roles, Caroline provided support for DHS’s domestic and international counterterrorism programs and helped support DHS’s programs and budget for its homeland security team in Kabul, Afghanistan, and traveled to Kabul multiple times in connection with this work. Caroline also worked to enhance the Department’s countering violent extremism and active shooter awareness and response training for state, local, tribal, and territorial law enforcement officers. Before this, Caroline interned at the U.S. Department of State for the Middle East Partnership Initiative within the Bureau of Near Eastern Affairs, where she assisted with economic empowerment programs in the Middle East.

Caroline has a BA in Government from Harvard University (2008) and an MA in Middle East Studies (2011) from the Elliott School of International Affairs at George Washington University. Caroline also studied at the American University in Cairo, Egypt and the Arabic Language Institute in Fez, Morocco.

Caroline and her husband Art Linares live in Stamford and are the proud parents of two sons Teddy and Jack.

Presented by: Caroline Simmons - State Representative, 144th District, Stamford, CT, Connecticut General Assembly

An overview of the evolving cybersecurity threat to CT businesses and consumers and 2021 legislation to address this threat: An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses.

General Session

9:05am - 10:05am Ransomware: Are You Protected?

Donny Shimamoto Founder & Managing Director, IntrapriseTechKnowlogies LLC

Donny Shimamoto

Donny is the founder and managing director of IntrapriseTechKnowlogies LLC, an advisory focused CPA firm focused on innovation acceleration and organizational development for small businesses, middle market organizations, and nonprofits. Donny is a recognized thought leader and educator in the fields of accounting technology, IT risk management, and performance management. His dedication to helping accountants and organizations strategically leverage technology while proactively managing their business and technical risk is paramount.

Donny also serves as an business transformation advisor and outsourced “IT partner” for local & regional firms, finance departments, and internal audit departments who lack in house IT executive leadership and IT audit expertise; He helps with risk assessments, IT related advisory services, development of innovation strategies, streamlining of internal firm/department operations, and increasing staff proficiency with IT tools supporting internal operations and accounting/audit services delivery.

Donny was recognized as one of the Top Thought Leaders in Public Accounting by CPA Practice Advisor from 2012 to 2020, Top 100 Most Influential People in Accounting (2013/2014/2017 2020) by Accounting Today, received the 2009 2010 President’s Award from the Hawaii Society of CPAs, was named to CPA Technology Advisor’s 40 Under 40 list in 2007 & 2009 & 2014, and was also a Hawaii Top High Tech Leader in 2004.

Presented by: Donny C. Shimamoto, CPA.CITP, CGMA - Founder and Managing Director of IntrapriseTechKnowlogies LLC

Protecting yourself from ransomware requires more than just anti-virus software. There are additional layers of technology protections, business continuity considerations, legal and regulatory considerations, and potentially cyberliability insurance. Attend this session to determine if your current level of ransomware protection reduces your risk to an acceptable level and identify ways to ensure that you are protected.

Optional Session

10:05am - 10:20am Vendor Demos

Test out some of the best cyber-security tools and products during these interactive demonstrations.

General Session

10:25am - 11:25am Cyber Security Panel for Tax Practitioners

Donny Shimamoto Founder & Managing Director, IntrapriseTechKnowlogies LLC

Donny Shimamoto

Donny is the founder and managing director of IntrapriseTechKnowlogies LLC, an advisory focused CPA firm focused on innovation acceleration and organizational development for small businesses, middle market organizations, and nonprofits. Donny is a recognized thought leader and educator in the fields of accounting technology, IT risk management, and performance management. His dedication to helping accountants and organizations strategically leverage technology while proactively managing their business and technical risk is paramount.

Donny also serves as an business transformation advisor and outsourced “IT partner” for local & regional firms, finance departments, and internal audit departments who lack in house IT executive leadership and IT audit expertise; He helps with risk assessments, IT related advisory services, development of innovation strategies, streamlining of internal firm/department operations, and increasing staff proficiency with IT tools supporting internal operations and accounting/audit services delivery.

Donny was recognized as one of the Top Thought Leaders in Public Accounting by CPA Practice Advisor from 2012 to 2020, Top 100 Most Influential People in Accounting (2013/2014/2017 2020) by Accounting Today, received the 2009 2010 President’s Award from the Hawaii Society of CPAs, was named to CPA Technology Advisor’s 40 Under 40 list in 2007 & 2009 & 2014, and was also a Hawaii Top High Tech Leader in 2004.

Scott Garcia Professional Services Risk Manager, Smith Brothers Insurance, Inc.

Scott Garcia

Scott Garcia leads the Lawyers Professional Liability team for Smith Brothers Insurance. He is also a Certified Cyber Risk Manager. He provides clients with experienced underwriting, program management, risk management and insurance placement. Specializes in professional liability and management liability insurance including CPA Professional liability, Employment Practice Liability, Directors and Officers Liability, Errors and Omissions, Cyber, Crime, Property, Liability and Workers’ Compensation insurance. His goal is to help firms and organizations manage and mitigate risk.

Jeff Cappa Senior Cyber Forensic Analyst, Whittlesey Technology

Jeff Cappa

Education
• BBA in Management, Western Connecticut State University, Danbury, CT
• MS in Cybersecurity, Sacred Heart University, Fairfield, CT

Professional Experience
• Cybersecurity and Digital Forensics Analyst
• Expertise in penetration testing, vulnerability scanning, digital forensics and network architecture
• Maintains Security Awareness Programs for Whittlesey and clients
• Over 12 years of professional IT experience
• Previous role of IT Director at digital media company
• Worked as senior analyst at Fortune 500 company

Professional Activities
• ACE – AccessData Certified Examiner
• Member, Information Systems Security Association (ISSA), CT Chapter

Linn Freedman Partner, Robinson & Cole LLP

Linn Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm’s Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi Team).

Data Privacy and Cybersecurity Compliance Linn is nationally ranked in CHAMBERS USA: America’s Leading Lawyers for Business in the area of Privacy Law, where her clients reported in the 2019 Edition that “She travels to the end and back for her clients” and in the 2020 Edition that she has ‘extraordinary integrity and a great mind for creativity, while still adhering to regulatory compliance.’ She helps clients comply with all state and federal data privacy and security laws and regulations, and counsels them on state and federal data privacy and security investigations.

Linn advises companies and organizations on best practices for the collection, maintenance, and sharing of high-risk data, to help avoid breaches and cyber intrusions. She assists with data mapping and development of privacy and security plans. She helps clients comply with constantly evolving, industry-specific privacy and data protection regulatory requirements, including TCPA, COPPA, FCRA, FERPA, HIPAA, CCPA, CalOPPA, the Gramm- Leach Bliley Act and state specific laws and regulations.

Linn also assists clients with Written Information Security Plans (WISPs). She provides guidance regarding privacy and data protection implications associated with the deployment of mobile communication and data storage technologies, mobile applications, and location-based services. She works with clients to develop software and cloud vendor agreements, website and mobile app privacy policies and terms and conditions of use, and social media policies, practices and procedures.

Linn has given presentations around the country on data privacy and cybersecurity, and she writes extensively on these topics, including for the firm’s Data Privacy + Security Insider and Health Law Diagnosis blogs.

Data Breach Preparedness and Emergency Response Linn assists clients with data breach preparedness, including assisting with vendor choice and pre-negotiating contracts for forensic, notification, and call center services. She also assists with the development and training of data breach response teams. If there is a data breach, Linn assists with all related response, notification, remediation, coordination, and litigation. She is well-versed in helping clients with post-breach investigations by the Federal Trade Commission, the U.S. Office for Civil Rights, and state attorney general offices. She also provides security incident tabletop exercises for clients.

Privacy and Class Action Litigation and Enforcement If a data breach or privacy issue results in litigation or an enforcement action, Linn works with clients to resolve the matter through the court system or before federal or state regulatory agencies. She is presently assisting a hospital system in a data breach class action lawsuit, which is on appeal after dismissal on Summary Judgment. She also represents various companies in privacy litigation matters around unauthorized access, use or disclosure of personally identifiable and health information and in retrieving the unauthorized transfer of data from companies by employees. Linn is a former Assistant Attorney General for the State of Rhode Island and works with the AGs of multiple states around compliance and enforcement actions involving data breaches and data security.

HIPAA Compliance Linn has extensive experience helping clients with HIPAA compliance. She regularly assists with HIPAA compliance programs and employee awareness training, cybersecurity in relation to patient portals, and data use and sharing agreements for health information exchanges.

She has deep experience helping clients defend enforcement actions by the Office for Civil Rights of the Department of Health and Human Services.

Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island.

Moderator: Donny C. Shimamoto, CPA.CITP, CGMA - Founder and Managing Director of IntrapriseTechKnowlogies LLC

Jeff Cappa - Senior Cyber Forensic Analyst at Whittlesey Technology

Linn F. Freedman, CIPP/US - Partner and Chair of Data Privacy & Cybersecurity Team, Robinson & Cole LLP

Matthew Gamble - Senior Tax Analyst at Internal Revenue Service

Scott Garcia  - Professional Services Risk Manager at Smith Brothers Insurance

Jamie Shaw - Senior Analyst, IRS Wage & Investment, Return Integrity & Compliance Services

Panel to discuss what the IRS saw this past tax season, IRS expectations of tax preparers, and change in the cyber risk landscape, as well as any updates on mitigation strategies.

Breakout Session

11:35am - 12:20pm Minimizing Your Firm's Busy Season Cyber Security Risk - What to do Before February!

Christopher Wisneski Manager, IT Security & Assurance Svcs, Whittlesey Technology

Christopher Wisneski

Education
• Bachelor of Arts of Psychology, Gordon College, Wenham, MA

Professional Experience
• Manager of Information Security and Assurance Services for 2 years
• IT Auditor with specialties in HIPAA, PCI, Sarbanes-Oxley, GDPR and FFIEC
• Over 20 years of Information Technology experience with a specialty in Cybersecurity.
• Previous role of Deputy Information Security Officer (ISO) for 2500+ Insurance Company

Professional Activities
• Member, Information Systems Audit and Control Association (ISACA)
• Member, Information Systems Security Association (ISSA), Hartford Chapter
• Member, Security Communication Access Network (SCAN-Hartford)
• Member, FBI InfraGard
• Member, TINYg Global Terrorism Information Network
• Instructor, Hartford County Regional Fire School

Presented by: Christopher Wisneski - Manager, IT Security & Assurance Services at Whittlesey Technology

Session details coming soon

11:35am - 12:20pm The First Line of Defense Against Cybercriminals: Your Employees

Erich Kron Security Awareness Advocate, KnowBe4

Erich Kron

Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army’s 2nd Regional Cyber Center and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Mr. Kron has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in information security.

Presented by: Erich Kron - Security Awareness Advocate at KnowBe4

Cyber security threats continue to proliferate and become more costly to businesses that suffer a data breach. When it comes to combating these growing risks, most organizations continue to place more trust in technology-based solutions than on training their employees to be more aware of the threat landscape and able to recognize the red flags in cyber breach attempts.

Join Erich Kron, Security Awareness Advocate at KnowBe4, as he explains the emerging threats, the strengths and weaknesses that users bring to an organization's security culture, and strategies to fortify your organizations last layer of security, your users.

In this webinar you will learn:
• Current and emerging attack landscape and how organizations are coping
• Right and wrong approaches to changing employee behavior
• How to build a successful Security Awareness Training Program

Breakout Session

12:50pm - 1:35pm Changes in the Cyber Liability Insurance Landscape

Scott Garcia Professional Services Risk Manager, Smith Brothers Insurance, Inc.

Scott Garcia

Scott Garcia leads the Lawyers Professional Liability team for Smith Brothers Insurance. He is also a Certified Cyber Risk Manager. He provides clients with experienced underwriting, program management, risk management and insurance placement. Specializes in professional liability and management liability insurance including CPA Professional liability, Employment Practice Liability, Directors and Officers Liability, Errors and Omissions, Cyber, Crime, Property, Liability and Workers’ Compensation insurance. His goal is to help firms and organizations manage and mitigate risk.

Presented by: Scott Garcia - Professional Services Risk Manager at Smith Brothers Insurance

Session details coming soon

12:50pm - 1:35pm Cyber Security Governance & Risk Management Strategies

Steven Ursillo Jr. Partner | Risk Assurance & Advisory, Cherry Bekaert LLP

Steven Ursillo Jr.

Steve serves as Cherry Bekaert’s National Leader for the Information Assurance & Cybersecurity practice. He specializes in risk management, internal control over financial reporting, information system security, privacy, cyber fraud prevention and detection, security and privacy governance, and IT assurance services.

With more than 20 years of experience, Steve provides a variety of IT audit and security services for his clients across multiple industries. His background and knowledge with risk assurance and advisory engagements include information security readiness, cybersecurity, security and privacy attestation services, third-party assurance including HITRUST, cyber risk assessments, vendor risk assessments, disaster recover reviews, privacy reviews, System and Organization Control (SOC) reporting including SOC 1, 2 & 3, as well as other types of attestations and readiness assessments. In the area of information security, Steve’s experience ranges from security consulting and implementation to security assessments involving network and attack and penetration testing.

Steve is a nationally recognized writer and speaker on issues in the forefront of cybersecurity, risk and technology publications. He has delivered numerous presentations for various professional organizations and the public. In addition, Steve has provided end-user security awareness training to several clients’ staff, managers, directors, board members and to the general public. He has also performed live hacking demonstrations on simulation systems including network, wireless, mobile, application and web application attacks.

James Bourke Director of Firm Technology, Withum, Smith & Brown

James Bourke

Jim is a Partner, Member of the Board of Directors and Management Committee at WithumSmith+Brown, is Director of Firm Technology and Managing Director of Advisory Services. Jim has been a frequent speaker around the globe to many Accounting Societies and International Accounting and Trade Associations, the AICPA, CIMA, State Societies of CPAs, Industry Technology Organizations, Incubators, Accelerators and others on topics specifically related to various accounting, technology, practice management and advisory services topics.

In Jim’s role as Managing Director of Advisory Services, Jim heads-up the Firm’s SOC, cloud solutions, business advisory, BPO, cybersecurity, data analytics, info-security and transactional services initiatives for the firm.

Jim is also Global Advisory and Technology Leader for HLB International with his corporate office in London, UK. In this role Jim is responsible for helping and guiding over 300 HLB member firms around the globe in the areas of technology and expansion of advisor services.

He is Past President for the New Jersey Society of Certified Public Accountants and past Board and Council Member for the Association of International Certified Professional Accountants (AICPA).

Jim has been continually named by Accounting Today as one of the Top 100 Most Influential people in the Accounting profession and has been named by The CPA Technology Advisor as a Top Thought Leader in Public Accounting Technology year after year.

Presented by: James C. Bourke, CPA, CITP, CFF, CGMA - Director of Firm Technology and Managing Director of Advisory Services at WithumSmith+Brown

Steven J. Ursillo, Jr., CPA, CISA, CISSP - Partner, Risk Assurance & Advisory at Cherry Bekaert

In the session attendees will walk away with the understanding of the AICPA’s Description Criteria for Use in the Cybersecurity Risk Management. This description criteria is utilized as an excellent foundation to build out a company’s cybersecurity governance and risk management plan. Our speakers will share best practices in the development of risk management plans, with a focus on key elements to implement and maintain a state of the art cybersecurity risk management program for an organization. The session will end with the sharing of resources, including links to sample security plans, education and tools that can be tailored to meet the needs of those CPAs in public, private or government practice.

General Session

1:45pm - 2:45pm Security Products and Tools that Can Save You from a Breach

David Modzelewski Director, Whittlesey Technology

David Modzelewski

David Modzelewski is Director of Networking Services in our Hartford, Connecticut office. Dave joined Whittlesey in 2010 with over 14 years of experience as an IT Professional. He is dedicated to supporting business leaders and organizations by providing customized solutions to their technology challenges. In his role as Director, he oversees a team of dedicated engineers and technology professionals who manage small to midsize accounts. As an outsourced IT department, they set up and monitor systems while seamlessly augment internal IT staff without disrupting day-to-day business.

Dave is personally and professionally committed to helping organizations preserve their IT resources. He stays connected to industry best practices through membership with the Middlesex Chamber of Commerce’s Technology Council and as a participant in weekly business networking groups. Dave earned his Bachelor of Science in Industrial Technology, Networking from Central Connecticut State University.

Jeff Cappa Senior Cyber Forensic Analyst, Whittlesey Technology

Jeff Cappa

Education
• BBA in Management, Western Connecticut State University, Danbury, CT
• MS in Cybersecurity, Sacred Heart University, Fairfield, CT

Professional Experience
• Cybersecurity and Digital Forensics Analyst
• Expertise in penetration testing, vulnerability scanning, digital forensics and network architecture
• Maintains Security Awareness Programs for Whittlesey and clients
• Over 12 years of professional IT experience
• Previous role of IT Director at digital media company
• Worked as senior analyst at Fortune 500 company

Professional Activities
• ACE – AccessData Certified Examiner
• Member, Information Systems Security Association (ISSA), CT Chapter

Presented by: Jeff Cappa - Senior Cyber Forensic Analyst at Whittlesey Technology

David Modzelewski - Director at Whittlesey Technology

This presentation will cover some of the tools, tips, and techniques that can help prevent system compromises or reduce the risk of data breach if your business systems do become the target of an attack.

Non-Member Price $294.00

Member Price $199.00