Mitigating cybersecurity risks in accountancy

It’s a sad fact that accountancy is one of the industries most targeted by cyber-crime. It’s a real problem for firms up and down the country. Indeed, when firms fall victim to a cyber-attack, they can face everything from legal and regulatory penalties, to reputational damage, and client distrust. On top of this, they can incur financial losses, which can be particularly severe: according the Cyber Resilience Centre, accountancy firms could lose as much as £15,300 in costs due to lost data or assets after a cybersecurity breach.

What’s more, customers can become victims of identity fraud as a result of a firm’s data breach and suffer financial harm – something no one wants to happen.

Firms are more vulnerable to cybercrime than ever before

Accountants handle sensitive and financial data like names, addresses, bank details, income and expense records, payroll information and more. Personal information like this is invaluable to cyber-criminals, who are only too happy to use it to defraud other people or sell on to others.

But as well as the abundance of sensitive data being an incentive, there are more general  vulnerabilities within the industry too.

Nearly half (44%) of UK workers undertake hybrid or remote work and accountants are no exception. A recent survey found that 80% of UK finance professionals work remotely some or all of the time.

Unfortunately, working from home aggravates the risk of cyber-attacks. Indeed, no thanks to remote working practices, there has been a 300% increase in cyber-attacks on accounting firms of all sizes.

There are a couple of reasons why remote working aggravates the risk of cyber-attacks. First, home-working staff might use their personal devices for work purposes – sometimes without permission from their employer’s IT department. Second, home-working staff might access sensitive information via insecure public Wi-Fi or neglect to use their organisation’s VPN. When you work with sensitive data on a daily basis, such practices should never happen.

But insecure working can be rife in offices too. For example, some accountants have the habit of transferring sensitive data via Excel spreadsheets or via email – two other practices that can be just as fraught with risk.

Practical steps firms can take to mitigate risks

Over two-fifths (43%) of accountants think of themselves as ’digital champions’. While this is a promising figure, it could be improved. After all, it’s technology that will protect firms from cyber-crime.

There is no need for firms to engage in insecure working practices such as transferring data via email. Sensitive data can and should be stored in one centralised location – with security embedded in its design. Not only is this a safer approach, but if the solution is cloud-based, then it can be easily accessible from wherever the team is working too.

No one wants to spend excessive time learning new processes, so firms should opt for an intuitive cloud-based solution. And if connections are encrypted or leverage other ISO-accredited processes, then so much the better. That way, firms will be better protected against things such as viruses, hackers and ransomware.

What’s more, it’s wise to opt for a solution that can adapt. After all, running multiple software with little cybersecurity standardisation can be risky. Indeed, it’s better to have one all-encompassing and coherent solution that can do everything, rather than several smaller options that can only do one or two things each.

It’s also important to pay extra attention at year-end or when tax return deadlines are due, as when accountants are busy, they can be more vulnerable to attacks. As an example, cyber-criminals have recently been using the tax credits renewal deadline to convince people into handing over personal information.

Cybersecurity by design

Unfortunately, shoring up cybersecurity posture, as well as the role of cloud-based technology, is still too low on the priority list for many firms.

While it’s true cybersecurity can overwhelming, accountancy firms simply cannot ignore how important it is. Cyber-attacks are now so common that firms are likely to fall victim to one at some point. It’s only by embracing the right tech and preparing defences ahead of time that firms can protect themselves against the consequences.

The post Mitigating cybersecurity risks in accountancy appeared first on Accounting Insight News.