According to data obtained by the Australia Cyber Security Centre (ACSC) through its 2017 Threat Report, 47,000 major cyber security (a 15% increase from the previous year) attacks occurred during the past financial year.
This data only reiterates the fact that accountants are targets for security breach because of the quantity and quality of data they have access to. For identity thieves, accountants are a gold-mine because they hold on to personal and financial information.
Accountants Are Attractive Targets To Security Breach
Just how bad is it? A survey conducted by Smithink’s ATSA 2017 found that 14% of firms have been hijacked. It also uncovered that cyber criminals are targeting accounting systems to steal personal details and tax return data. According to Smithink director David Smith, the sensitive nature of of data accountants have makes them a “very attractive target” to online crooks.
Interestingly, despite the fact that one in seven accounting firms have reported being hacked, accountants have yet to take concrete actions in strengthening their systems and processes against cyber attacks.
Furthermore, based on data we acquired from one of our previous webinars called “Essential Guide to Outsourcing And Cloud Security for Accountants,” only 23% of surveyed participants identified cloud security as one of the top concerns when offshoring.
A security breach can have disastrous effects to a firm:
- Put client confidential data at risk of identity theft
- Loss of profit
- Increased cost of protection against future attacks
- Damage the firm’s reputation
- Lose client’s trust which can eventually lead to loss of business
How To Improve Your Cyber Security?
When your firm falls prey to a cyber attack, your most valuable asset (data) becomes susceptible to exploitation. What do you need to do is avoid it from happening in the first place? Here are ways to protect and improve your firm’s cyber security:
- Start with the simplest: use the right passwords. Use 15-digit passwords because this is the threshold for algorithms to have the most difficulty cracking and make sure to use a phrase that you know. It’s easier than having to remember a random combination of letters and numbers. Plus, computers would have a hard time cracking codes like this.
- Assess your current network defence system. Check sensitive information you have at hand and see who has access to it. Set control measures to secure your firm’s data.
- Be more conscientious of your computer habits: don’t click on email links from sources you don’t know, automate systems like document acquisition so you don’t have to resort to email and make sure your email is always encrypted.
- Get professional help. Hire an IT consultant to establish a reliable network that will ensure your data is encrypted and protected against hackers.
- Prioritise continuous cybersecurity assessment. Perform periodic checks to identify areas that might be susceptible to security breach whenever your firm changes networks (i.e. adding a router or replacing a server).
- Train your employees. Educating employees about cyber attacks is crucial in ensuring your firm is safe from attacks. Human error is one factor in security breaches, so minimise the risks by making sure your team is aware of the best practices when dealing with data.
Insufficient measures to secure data can be devastating to your accounting firm. This will, more than anything else, damage the reputation of your firm. Consequently, it will lead to loss of revenue.
Part of your professional responsibility as an accountant is to ensure that data is secure within your custody. It is an accountant’s job to protect businesses by providing important financial advice. But because the time’s changing, accountants also need to do more to achieve their main objective and being on top of data security should be one of them.
