The Big Cybersecurity Threats Facing Accountants and How to Protect Yourself
Accountants often ask me what the most current cybersecurity threats are that might disrupt their practice. While these are generally of an IT nature, which this article will outline, my initial response startles most accountants: Focus on your staff as your first line of defense.
No Staff Surprises
Surprisingly, accounting practices, regardless of size, seldom have a meeting to discuss in-house rules for protecting their data. The threat comes from social engineering, a fancy term IT people use, which is nothing more than tricking recipients through impersonation. Hackers pretend to be someone else to fool targets into acting in the attacker's favor, usually by sending money. The best defense is education and training. Have your in-house IT security expert (or outside consultant) go over a detailed approach about what rules to follow to ensure that staff doesn't fall prey to creative scammers. Ensure that new employees also receive training when they join the firm.
Other security threats include the following:
- Ransomware: I describe it as expensive, unpredictable and terrifying. Ransomware simply means that an outside actor has taken control of your IT system and will not return control to you until you pay a ransom. Think: IT kidnapping. It can occur simply by opening an attachment that appears to be an invoice, and in doing so, you've launched the malware that allows the attacker to take over your computer. A 2017 IBM Research report said that this approach, called phishing, was responsible for 59 percent of ransomware attacks. Just because it looks legitimate doesn't mean that it is. You can prevent ransomware by using tested monitoring applications, backing up frequently, installing the latest anti-malware protection and, yes, training your staff.
- Deficient Post-Attack Procedures: If you’re a victim of a cybersecurity attack, don't relax thinking you're safe. You're not. You must patch any holes in your system immediately after the attack. A survey of 1,263 IT professionals by Cybereason found that 80 percent of victims who submitted a ransom payment said they experienced another attack soon after. The survey also found that "60 percent of cyber attacks could have been prevented if an available patch had been applied, and 39 percent of organizations say they were aware they were vulnerable before the cyber attack occurred."
Two Defense Options
- 2 Factor(2F) or Multifactor Authentication (MFA): These are not threats but rather the gold standard for protecting your data. There is a difference, however, between the two. 2F authentication requires precisely two steps. The most common version is when the site you wish to enter will send a code to your cellphone. Upon receiving and entering the code, you gain access to the site. Accountants should consider this the minimum-security barrier. MFA requires two or more methods of verifying your identity. Every 2F is an MFA, but the reverse is not necessarily true. Think of MFA as an extra door lock that creates an additional barrier more likely to dissuade an intruder. You might have the login and password as your first line of defense, but you might also add a retina scan or a fingerprint with an MFA. Employing MFA adds a substantial extra layer of protection, and accountants should note that the cost is modest. Utilizing an MFA security system might add an extra moment to implement or require you to remember which type of MFA a site demands. Still, this slightly added irritant is worth the considerable increase in security.
- Next-Generation Antivirus (NGAV): NGAV is the latest in antivirus protection using artificial intelligence. If you created a digital recipe that combines artificial intelligence, behavioral detecting and machine learning algorithms and exploits mitigation techniques, you would have NGAV. To explain it more simply, "NGAV is the next step in endpoint protection, using a signature-less approach to deliver more complete and effective security possible with legacy AV [antivirus]," according to Crowd Strike. This is an accurate description because NGAV is cloud-based, immediately deployable and removes updating barriers across the network, such as updating software or maintaining infrastructure.
It might be a cliché but invest in prevention now or pay much more in the future after a cyber attack.