Cybersecurity: Staying vigilant and safe

Posted on Wednesday, March 4, 2020 by Nicole Fracasso

Cybersecurity can be defined as “keeping your data and that of your clients safe,” writes Ted Needleman, contributing editor of Accounting Today in a recent article. While there are many benefits of technology, it also comes at a price. This consists of breaches, data theft, viruses and ransomware, all of which play a role in an organization’s cybersecurity.

In this article, Needleman discusses methods to help protect your organization from cyber-attacks. Firstly, you need to know where you are most vulnerable.

“The biggest threats to CPAs are those involving unauthorized access to their client’s data,” said James Bourke, CPA, partner and managing director of advisory services at Withum.

Of the many areas of vulnerability that can exist within a firm, two of the biggest ones are phishing and ransomware. Phishing is when a cyber criminal who is trolling for information drafts a fake email that appears legitimate and from a source you may know, writes Needleman.

“The IRS reports that 91% of data breaches of tax professionals are the result of an employee opening the infected attachment of an email that appears to be legitimate,” said Trenda Hackett, CPA, of Thomson Reuter and technical editor in tax at Accounting Today.

However, ransomware is a “type of malware that infects computers, networks and servers, and encrypts and locks data,” said Hackett. The user is usually unaware that the malware has infected their system until they receive a ransom request.

According to research from the Herjavec Group, the number of ransomware attacks per minute was 4.3 in 2019 and is expected to grow to 5.5 in 2021.

“Looking at all the ways your systems can be attacked can be daunting, but having the right tool can even the odds,” writes Needleman.

When it comes to protecting your organization from these attacks Needleman recommends using anti-malware firewalls, a 12-character password, and multi-factor authentication software. In addition, Needleman suggests disallowing the use of public Wi-Fi and thumb drives, as well as requiring security and phishing training for the staff.

When all else fails, it’s best to assume that at some point, an attack will get through your defenses, writes Needleman. If a cybercriminal is successful, it’s crucial that every employee knows who to call and how to respond to the situation. He also recommends routinely conducting the equivalent of fire drills to test your employees’ responses.

For more important advice on how to protect your organization from cyber-attacks, click here to read the article in full.

Want to learn more? Register today for our Cybersecurity Virtual Summit on March 11,2020.

Leave a comment