2023 IT Examiner School

Virtual Currency

• Regulatory Landscape • Blockchains & Consensus Mechanisms • Permissioned vs. Permissionless • Key Management

Authentication Risks

• 2022 Verizon DBIR, 50% of 5,212 total breaches (2,606) due to credential theft. • FFIEC 2021 Authentication Guidance • Importance of risk assessments practices • Single Factor vs MFA • Emphasizes layered security model or DID (Defense-In-Depth) to Detect, Respond to credential attacks • Examiners focus on Security Awareness Training & Access Control Management