10 Common Cyber Incident Response Mistakes [PDF 190 KB] - July 2015
In the unpredictable and fast-paced battle against cyber attackers, strong incident response teams are a powerful weapon in an organization’s defense. Responsible for assessing security systems and responding to security threats, incident response teams play a major role in resolving issues and controlling damage of system breaches, malware exposure, and other security events.
Legal counsel and forensic accountants fight bribery and corruption [PDF 863 KB] - May 2015
When legal counsel and forensic accountants work together, they create a powerful team that can help clients with anti-bribery and corruption (AB&C) related matters. The array of skills and services that these professionals bring to the table help organizations by applying their unique analytical capabilities and global experience to address AB&C challenges.
Combating spear phishing attacks [PDF 61 KB] - March 2015
The need for sound security practices and controls is imperative to help protect against a growing swell of sophisticated cyber threats. Targeted attacks, including those perpetrated via e-mail, such as spear phishing, have become commonplace. It is almost certain that these attacks will increase in frequency and sophistication as companies expand the use of digital assets and unstructured data. Companies stand to lose far more than their intellectual property in the aftermath of a spear phishing attack. Damage to reputation and brand can be just as devastating as theft of property and secrets.
Some cautionary thoughts on "predictive coding" [PDF 841 KB] - September 2014
Discovery has always been a part of litigation, investigations and regulatory inquiries. The huge volumes of data and the increasing complexity of matters can increase the cost of the e-discovery (discovery of electronic information) to unacceptable levels. In recent years, software companies have been offering the next generation of concept-based search and classification technology: predictive coding or technology-assisted review. The fourth edition in the series weighs in on the pros and cons of using this approach to manage the discovery process.
Protect or Perish: An in-depth look at POS malware and ColdFusion [PDF 142 KB] - June 2014
In today’s reality, cybercrime is becoming more and more commonplace, putting organizations in danger of both financial and reputational damage. A data breach can strike an organization at any time, and the impact can be crippling. The third edition of Forensic Focus provides and indepth look at POS malware and ColdFusion exploits.
Third-Party Integrity Risks [PDF 70 KB] - November 2013
In second edition of Forensic Focus, Third-Party Integrity Risks, KPMG analyzed the findings of approximately 8,000 integrity due diligence reports that KPMG’s global firms have conducted in order to understand the nature of risks facing organizations through third-party business associations. The results of our analysis challenge some widely held assumptions about due diligence practices and the nature of third-party risk.
Hiding in plain sight: The anatomy of a bribe [PDF 77 KB] - July 2013
The first in the series, Hiding in plain sight: The anatomy of a bribe reveals the risk of bribery and corruption while operating in foreign countries. Bribes can lurk anywhere that there is contact with foreign officials, and are most often camouflaged as legitimate payments. The recent changes to Canada's Corruption of Foreign Public Officials Act makes it more important than ever for Canadian companies to understand the anatomy of a bribe.