Steve serves as Cherry Bekaert’s National Leader for the Information Assurance & Cybersecurity practice. He specializes in risk management, internal control over financial reporting, information system security, privacy, cyber fraud prevention and detection, security and privacy governance, and IT assurance services. With more than 20 years of experience, Steve provides a variety of IT audit and security services for his clients across multiple industries. His background and knowledge with risk assurance and advisory engagements include information security readiness, cybersecurity, security and privacy attestation services, third-party assurance including HITRUST, cyber risk assessments, vendor risk assessments, disaster recover reviews, privacy reviews, System and Organization Control (SOC) reporting including SOC 1, 2 & 3, as well as other types of attestations and readiness assessments. In the area of information security, Steve’s experience ranges from security consulting and implementation to security assessments involving network and attack and penetration testing.
Steve is a nationally recognized writer and speaker on issues in the forefront of cybersecurity, risk and technology publications. He has delivered numerous presentations for various professional organizations and the public. In addition, Steve has provided end-user security awareness training to several clients’ staff, managers, directors, board members and to the general public. He has also performed live hacking demonstrations on simulation systems including network, wireless, mobile, application and web application attacks. He is actively involved with the American Institute of Certified Public Accountants (AICPA), System and Organization Control (SOC) Task Force, AICPA National Council, AICPA Information Management and Technology Assurance Committee (IMTA), Co-chair, AICPA IMTA Cyber Security Task Force.