Heather Bearfield is a Principal in the Firm's Boston office and serves as the IT Risk and Assurance Services Practice Group Leader. She is also a member of its National Alternative Investment, Healthcare and Financial Services Industry Groups. Ms. Bearfield has extensive experience with SOC engagements, internal and external audits, application reviews, internal and external vulnerability assessments, wireless assessments and penetration testing.
Ms. Bearfield's main focus has been around data security and CyberSecurity. Engagements include vulnerability assessments, penetration testing, wireless assessments and social engineering.
Ms. Bearfield has comprehensive experience in multiple aspects of Risk Management across business operations including regulatory compliance. She executes compliance engagements according to various regulations including SOX, MA 201 CMR 17.00 (Data Security), HIPAA Privacy, HIPAA Security, Meaningful Use, Dodd Frank, SOC1, 2, 3 and FISMA. She identifies process and control weaknesses, analyzes complex systems and works with clients to streamline operations within time and resource constraints. Also she is responsible for conducting global and national IT Risk Assessments and IT Control Assessments in numerous vertical markets inclusive of manufacturing, banks, financial services, colocation hosting facilities cloud providers, and application service providers.
- Information Systems Auditing and Control Association (ISACA)
- Massachusetts Society of Certified Public Accountants (MSCPA)
- 100 Women in Hedge Funds
- Boston Chamber of Commerce- Women's Advisory Board
- Crisis Management in Data Breaches: June 2015
- Demystifying AML with Data Analytics: April 2015
- IT Hot Topics. ISACA Conference: June 2015
- Today's Security Industry: From Broken Windows to Hacked Networks: February 2015
- Interviewed about Corporate Cybersecurity Vulnerabilities by Thestreet.com: March 2015
- "Security Risk Assessments: Helping Achieve Compliance" Featured in South Florida Hospital News & Healthcare Report: November 2014
- The Wall Street Journal Article, "Retailers Back Obama's Credit Card Protections.": October 2014
- New England Cable Network "Best Practices for Data Protection.": October 2014
- Featured on Bloomberg Radio's The Hays Advantage: October 2014
- Featured in Crain's Chicago Business Article, "Let's Face It: Your Data's as Good as Hacked. So, Now What?": September 2014
- Featured in AP News Article, "Target Tech Chief Resigns as it Overhauls Security.": March 2014
Master of Business Administration
University of Vermont
Bachelor of Science, Business Administration
University of Vermont
Certified Information Systems Auditor
Certified Information Systems Manager
Certified in Risk and Information Systems Control
January 09, 2017
Principal Heather Bearfield, chair of Marcum’s Women’s Initiative, was interviewed by Long Island Business News for an article about the advancement of women in the accounting profession.
As public accounting firms continue to struggle to retain and advance women professionals, many are providing increased flexibility and launching initiatives to help them achieve ....
The American Institute of CPAs this week unveiled three measures aimed at advancing the battle for cybersecurity.
Heather Bearfield, National Technology Assurance Practice Group Leader, was interviewed about Corporate Cybersecurity Vulnerabilities by thestreet.com.
October 23, 2014
Heather Bearfield, National Technology Assurance Services Practice Group Leader, Quoted in CreditCards.com Article, "After the Breach: Should You Enroll in ID or Credit Monitoring Services?"
If you've been the victim of a security breach, there's good news. Many retailers whose databases have been hacked are offering credit monitoring or identity ....
News of President Obama's executive order mandating use of pin-and-chip technology in credit cards used by federal workers and in debit cards used to allocate ....
Heather Bearfield, group leader for National Technology Assurances Services Practice at Marcum LLP, joined NECN to answer just that. She also shared some valuable data ....
Heather Bearfield, group leader for National Technology Assurances Services Practice at Marcum LLP, joined Bloomberg Radio's The Hays Advantage to discuss the cyberattack on JP ....
September 30, 2014
Heather Bearfield, National Technology Assurance Services Practice Group Leader, Featured in Crain's Chicago Business Article, "Let's Face It: Your Data's as Good as Hacked. So, Now What?"
OK, so maybe the idea that your precious banking information is freely floating around on the Internet for anyone to see is a bit of ....
April 16, 2014
Heather Bearfield, National Technology Assurance Services Practice Group Leader, Featured in the Inc. Article, "Why Your Employees Are the Single Biggest Threat to Your Company's Data."
When the Heartbleed security bug was revealed last week, IT departments across almost every industry scurried to secure their infrastructure. Frighteningly, the bug, which potentially ....
March 21, 2014
Heather Bearfield, National Technology Assurance Services Practice Group Leader, Featured in The Metropolitan Corporate Counsel Article, "Pay Attention: While Malicious External Cybersecurity Threats Abound, Many Others Are Hidden In Plain Sight.&
The Editor interviews Heather Bearfield, Principal in Marcum LLP's Boston office and National Technology Assurance Services Practice Group Leader.
Target Corp.'s executive ranks have suffered their first casualty since hackers stole credit card numbers and other personal data of millions of the retailer's shoppers ....
Target Corp announced an overhaul of its information security practices and the resignation of its chief information officer as the retailer tries to reassure customers ....
February 25, 2014
Heather Bearfield, National Technology Assurance Services Practice Group Leader, Quoted in Reuters Article, "360 Million Newly Stolen Credentials on Black Market: Cybersecurity Firm."
A cybersecurity firm said that it uncovered stolen credentials from some 360 million accounts that are available for sale on cyber black markets, though it ....
As companies become increasingly attuned to the vulnerability of their computer systems to cyberattacks, many may be overlooking a more obvious hole in their protections: ....