Summit Focuses on Internal Auditors’ Role in Battling Cyberattacks

Fraud Summit at UT Dallas, 2013

The 8th Annual Fraud Summit drew a sold-out crowd of 450 professionals. The conference raised money for student scholarships. (Photo courtesy of Ken Sharp)

Cyberattacks on everything from Apple to zombie video games have made headlines.

The onslaught of security breaches has companies increasingly relying on a department not typically known for its role in preventing cyberthreats: internal audit.

Businesses have a growing need for internal auditors who can size up their data security policies and potential risks, said speakers at the 8th Annual Fraud Summit.

The conference, recently hosted by the Naveen Jindal School of Management, drew a sold-out crowd of 450 professionals.

Keynote speaker Kyle Maxwell BS’04, senior network security analyst for Verizon Business, said most security breaches investigated by his team have involved weak or stolen credentials.

Kyle Maxwell

Kyle Maxwell BS '04, senior network security analyst for Verizon Business, gave the keynote address. (Photo courtesy of Ken Sharp)

Breaches can take months to discover, typically by law enforcement or other third parties, said Maxwell. He added that anti-virus programs are a good precaution but not a guarantee against attacks.

“Our detection stinks,” Maxwell said. He added that companies express surprise when breaches are discovered.

“They say, ‘We’re compliant,’” Maxwell said. “That’s great, but it’s not working. I don’t have all the answers, but we need to find them.”

The Jindal School is working to add courses to fill the growing need for auditors skilled in evaluating hacking and malware threats.

“You’re going to see some students coming out of UTD in the future who have a concentration in cybersecurity,” said Mark Salamasick, director of the Center for Internal Auditing and senior lecturer in accounting, who organized the fraud summit.

A portion of the proceeds from the summit will be used for scholarships for students preparing for internal audit careers. The conference raised about $35,000 for scholarships and $50,000 for an internal audit endowment.

In 2011, The Center for Internal Auditing Excellence set a goal to raise $1 million for an endowment to support scholarships, teaching assistance, seminars, conferences, research and educational programs.  UT Dallas’ internal audit program is one of five recognized by the Institute of Internal Auditors as a Center for Internal Auditing Excellence.

Mark Salamasick

Mark Salamasick said the Jindal School is working to train auditors skilled in evaluating hacking and malware threats. (Photo courtesy of Ken Sharp)

Dr. Hasan Pirkul, dean of the Naveen Jindal School of Management and Caruth Chair of Management, announced at the Fraud Summit that JSOM will provide a $50,000 matching contribution for the endowment. That brings the total raised so far for the endowment to $600,000.

The conference featured speakers from leading accounting and fraud investigation firms and UT Dallas faculty. Attendees each received a copy of A Guide to Forensic Accounting Investigation, co-edited by Steven Skalak, partner at PriceWaterhouseCoopers who gave an address on “Doing Business in the Big East: Emerging Assurance Issues in China.”

Dr. Rebecca Files, assistant professor of accounting, led a session titled, “The Benefits of Cooperating with Regulators: Evidence from Academic Research,” for firms trying to determine policy on whether to cooperate with regulators.

The summit explored the many ways that auditors can use technology to detect fraud, including sessions on “How to Detect and Prevent Fraud Using Data Analysis” and “Cybercrime Inferno.”

Maxwell, the alumnus who now works for Verizon, described fraud cases that were both galling and entertaining.

There was the computer programmer who outsourced his job to a programmer in China while he played video games and surfed the Web at work. Then there were the fraudsters who pulled off a multi-million ATM heist without going near an actual machine by taking advantage of a software misconfiguration.

The culprits were caught, providing successful conclusions – and plenty of lessons for auditors.

For more information on supporting the Center for Internal Auditing Excellence, please contact Mark Salamasick at [email protected]

Media Contact: The Office of Media Relations, UT Dallas, (972) 883-2155, [email protected].