• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Stumble Forward

Stumble Forward

Avoid Life's Financial Pitfalls

  • Blog
  • About
  • Contact
  • Resources

Cyber Security Awareness for Accounting Firms – 5 Must Know Tips

October 11, 2017 by Christopher Leave a Comment

Source

Cybersecurity awareness among accounting firms has skyrocketed within the past five years, primarily because CPAs are an ideal target for cybercriminals who know that accounting firms hold and maintain valuable financial information about their clients.

As accountants adopt new systems and technology in their practices, they will need to continue to raise their awareness of their vulnerabilities and to enhance their cyber defenses in at least five different areas:

 

#1 Internet of Things (“IoT”) Devices

 In late 2016 the American Institute of Certified Public Accountants (AICPA) reported that an internet-enabled copier provided an opening for hackers to access documents that one accounting firm had been scanning into a digital format.

IoT devices are frequently overlooked when security patches are being installed, and many of those devices include embedded legacy firmware with known security flaws.

CPAs should devote extra attention to these devices in their offices.

 

#2 Phishing Scams

During the busy April 2107 tax season, a group of hackers targeted CPA firms with email messages that purported to be from the AICPA.

Those messages included attachments, which, if opened, would install malware or other malicious code into a CPA firm’s networks to enable the hackers to steal valuable information.

Hackers are very much aware that CPAs and employees of CPA firms can be easily distracted during busier times of the year and they prey on that distraction to launch phishing and other email scams.

Staying aware of risks and refraining from opening attachments in all emails are best practices for all accounting firms.

 

#3 Ransomware

 The busy tax season and the end of the accounting year are also ideal times for cybercriminals to launch ransomware attacks against CPA firms.

A ransomware attack can be launched from an email attachment or an employee’s accessing a suspicious website. Those attacks can freeze an entire network and destroy valuable data unless the targeted CPA firm agrees to pay a bounty to the cybercriminals.

Again, heightened awareness is the best defense against ransomware attacks.

 

#4 Remote Access Security

A CPA firm needs to do more than just protect its own internal networks and systems, it needs to be aware of its endpoint security.

Smartphone, laptops, and other mobile devices that employees use for remote access to a firm’s networks can introduce another layer of cyberattack vulnerability, particularly if the firm has a “bring your own device” policy that allows employees to use personal devices for remote access.   

 

#5 Enhanced Protection for Sensitive Data

CPA firms should maintain stronger controls and impose more limited access to client bank account numbers, credit card information, usernames and passwords for financial accounts, and other sensitive information that hackers could use to misappropriate client funds.

At a minimum, access to that information should be restricted to employees who have a need to know that information in order to fulfill their job responsibilities.

A CPA firm that enhances its cyber defenses will improve its chances of deflecting a cyber attack, but even the most robust defenses will not provide absolute immunity from all attacks.

Recognizing this, insurance providers have developed cyber insurance for CPAs. These insurance policies can provide reimbursement for a CPA firm’s direct losses and for liabilities that it may incur to third parties whose data and information are compromised in a cyber attack on the insured CPA firm.

Most critically, cyber insurance for CPAs can help a firm to recover from a cyber attack quickly in order to maintain its reputation and trust among its clients.

It is not an exaggeration to say that CPA cyber insurance can be the difference between a firm’s ability to continue to provide accounting services following a cyber attack instead of closing its doors forever.

So what are you doing to protect yourself from cyber hackers?  Share your thoughts below.

Cheers!

Related

Filed Under: Identity Theft

About Christopher

Chris is a personal finance blogger with Stumble Forward helping people avoid life's financial mistakes and live a higher quality financial life.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

twenty + 13 =

Primary Sidebar

Get To Know Me

Hi, my name is Chris! I’m a personal finance and small business nerd.  Check out my blog where I share all of my favorite tips about saving money to running a small business.

As Seen On…

Top Articles

Categories

  • Business Opportunities
  • Business Tips
  • Careers
  • Consumer Advice
  • Credit
  • Credit Cards
  • Debt Managment
  • Education
  • Financial Independence
  • Food & Cooking
  • Health & Fitness
  • How To Guides
  • Identity Theft
  • Industrial
  • Insurance
  • Investing
  • Law
  • Lifestyle
  • Money Managment
  • Mortgages & Loans
  • Online Business
  • Pets
  • Product Reviews
  • Real Estate
  • Saving Money
  • Scams
  • Tech
  • Travel
  • Uncategorized

Related Blogs

Side Hustle Academy

Wallet Impact

Course Lifestyle

Welders Lab

Footer

Brilliantly

SAFE!

stumbleforward.com

Content & Links

Verified by Sur.ly

2022
  • Blog
  • About
  • Contact
  • Resources

Legal Stuff – Yep We Got That Too

Privacy Policy
Disclaimer for Stumble Forward
FTC Disclosure

Copyright © 2023 · Magazine Pro on Genesis Framework · WordPress · Log in