Your Future. Our Focus.


Your Future. Our Focus.

Antonina K. McAvoy, CISA, CISM, QSA, PCIP

Antonina K. McAvoy, CISA, CISM, QSA, PCIP

TITLE: Partner, Cybersecurity & Risk Advisory Services
LOCATION: Norfolk

Antonina McAvoy specializes in cybersecurity, as well as data protection and privacy. She has 14 years of experience leading and performing a wide spectrum of cybersecurity reviews (i.e. NIST, COBIT, CIS, PCI, GDPR, ISO Standards), SOX 404 business control mapping and Information Technology General Control (ITGC) assessments, AICPA SOC reporting (SOC 1, 2, 3, SOC for Cybersecurity, and SOC for Supply Chain reporting), HIPAA compliance audits, HITRUST CSF readiness assessments, FFIEC ITGC examinations, Department of Defense (DoD) System Security Plans (SSP) and Plan of Action & Milestones (POA&M), DoD DFARS and CMMC readiness assessments (CMMC provisional assessor candidate), outsourced IT internal audits, and internal control assessment services.

Antonina has strong technical skills and is instrumental in performing complex data mapping exercises to identify where key data resides in an organization’s environment, assessing the design and operating effectiveness of control environments, as well as identifying control gaps and weak cybersecurity settings. Ms. McAvoy is highly skilled in analyzing the root cause and impact of IT issues through gaining a deep understanding of an organization’s operations. She is well versed in translating IT risks, recommending business solutions, and advising organizations on designing strategies to create and improve sustainable data protection and enterprise-wide risk prevention programs.

Antonina grew up in a family of accountants, with her parents serving as CFOs. Antonina followed suit with a degree in Accounting, but initially discovered her interest in information technology during her first post-college position when she was presented with the opportunity to work on an IT audit. Her experience since then has led Antonina to assist organizations across various industries, as well as both small mom-and-pop businesses to large global organizations where Antonina coordinated the information technology audits across both geographic and language barriers for multiple key international locations. She has found her passion by combining her love for networking with applying the technical knowledge she gained from helping companies identify control gaps and security weaknesses. Her innate ability to connect with people allows her to effectively communicate weaknesses identified and make strong recommendations to management to help improve their cyber-environment.

Over a decade has passed since she first started assisting companies with their IT environments, yet the fear of cybersecurity preparedness by boards and upper management has only increased as high-profile cyber-attacks become more common and the need for digital trust intensifies. It is Antonina’s mission to help companies strengthen their business and cyber-resilience to reduce the risk of a cyber-incident occurring that could have a significant financial, operational, legal and reputational impact.

Prior to joining PBMares in 2018, Ms. McAvoy worked with other accounting firms, including a five-year tenure in the Information Systems Assurance group of the fifth largest accounting firm in the world, and a three-year tenure with the Risk Assurance group of a prestigious “Big Four” accounting firm.

PROFESSIONAL ASSOCIATIONS:

EDUCATION:

  • Master of Science in Cybersecurity with a concentration in Cyber Operations from Utica College
  • Bachelor of Science in Business Management with a concentration in Accounting from Babson College
  • Associate of Science in Business Administration with a concentration in Accounting from Massachusetts Bay Community College

PUBLICATIONS:

Pursuing a master’s degree was a lifelong academic goal of Antonina’s, which culminated in her first publication The Secret to Mastering the Defense Federal Acquisitions Regulation Supplement Cybersecurity Requirements (ProQuest No 27672340).

CERTIFICATIONS:

ARTICLES:

How to Create a Comprehensive SSP and Calculate Your SPRS Score: Steps to Confident CMMC Compliance

Risk Advisory _ CMMC

Navigating CMMC requirements can be daunting, especially when it comes to developing a comprehensive System Security Plan (SSP) and calculating your Supplier Performance Risk System (SPRS) score. Learn how you can confidently complete the necessary steps to compliance, including performing a self-assessment against the NIST SP 800-171r2 controls to develop a robust SSP and SPRS score.

Navigating the Future of Cybersecurity: A Deep Dive into NIST CSF 2.0

Navigating the Future of Cybersecurity

The recent release of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0 marks a significant milestone in the evolution of cybersecurity standards. Learn about the key updates in NIST CSF 2.0 and explore how these changes will shape the future of cybersecurity and risk management.

Bridging the Compliance Gap: The Unseen Challenge of SOC 2 and PCI DSS

Bridging the Compliance Gap: The Unseen Challenge of SOC 2 and PCI DSS

In today’s rapidly evolving digital landscape, maintaining robust security and compliance mechanisms is not just a regulatory requirement; it’s a business imperative. Two primary frameworks dominate this landscape: SOC 2 and PCI DSS. However, the market presents a unique challenge: the intersection of firms that can proficiently handle both SOC 2 reports and PCI DSS assessments.

INDUSTRIES:
Various

SERVICES:
Cybersecurity, Risk Advisory
"One single vulnerability is all an attacker needs to infiltrate an organization. It is my passion and my mission to help companies strengthen their cyber-readiness and improve data privacy and security to lessen the risk of a breach."
2024-11-19T11:25:00-05:00
Go to Top

As Internet Explorer will discontinue browser security updates by August of 2021, this site is best viewed using Google Chrome, Safari or Microsoft Edge.

Click to Continue