In today’s hyper-connected world, all organisations have become vulnerable to cybercrimes, data breaches, and other issues related to information security management. Experiencing cyber-attacks is not a matter of if but when. For this reason, maintaining the security of accounting data among firms in the past decade has become one of their most pressing concerns.
What is a Cybercrime?
The American Institute of CPAs (AICPA) defines a cyber-crime as a deliberate commission of an illegal act with the aid of a computer or other technologies. This includes sending malicious content containing computer viruses, phishing, and orchestrating a distributed denial of service (DDoS) attack, among others.
With the rise of the Internet of Things, the risk of falling prey to such attacks has inevitably increased. Why should your accounting firm take cyber-security management seriously? Below, we list the three major risks that all firms face in today’s business landscape.
1. Financial Cost
Cyber-attacks are no longer as simple as the viruses that come with chain emails in the late ‘90s. Some cybercrimes can be as sophisticated as a corporate account takeover, in which a cybercriminal illicitly acquires login credentials using a Trojan virus. This allows the cybercriminal to hijack your system and gain access to your bank funds. Thereafter, the criminal wires the funds to an account they control.
Chief financial officers (CFOs), chief accounting officers (CAOs), treasurers, and controllers are particularly at risk for they most likely have access to their firm’s funds. For this reason, they should have a thorough understanding of what controls they do have over their online banking transactions.
2. Risk to Clients
Aside from the financial loss, inadequate efforts to guarantee the security of information could also have grave consequences for a firm’s clients. Small- to medium-sized businesses can even go bankrupt when their financial data is compromised.
Given that CPAs are in a unique position as financial data aggregators, it is crucial that CPAs should fully understand the importance of keeping their clients’ information secure. Controls and measures should be implemented to guarantee the security of such data.
3. Damage to Reputation
Not only will cyber-security issues lead to losing money, resources, and clients, it can also damage your firm’s reputation. Cyber-security attacks can be a major public relations problem for the firm involved, such as when the breach involves identity theft and ransomware. For this reason, accounting firms should take a proactive stance when it comes to cyber-security.
What Can Be Done?
To fully protect your firm and ensure information security, your entire organization should be involved, and not just your IT department. Here are three actionable steps that you can take to ensure the security of your firm’s accounting data: promote information security awareness among your employees; have someone on board who understands the current threat landscape; and create a cyber-attack response plan. In addition, make sure that you secure your own employees’ personal information as well.
Leverage the Cloud
Another precaution that you can take to guarantee the security, integrity, and reliability of your financial data is by leveraging the cloud. According to PwC’s Global State of Information Security® Survey of 2017, more firms offering financial services have migrated sensitive data into the cloud.
Do you want to learn more about what finance and accounting functions you can start putting in the cloud? Download our whitepaper on Cloud Accounting for Small Businesses to learn more about D&V Philippines’ cloud-based services today.