Boaz Fisher, managing director of risk consultancy firm Commsnet Group, has noted that while cyber breaches are a fact of life in the digital age, accountants have a duty and responsibility to their clients to demonstrate good governance and accountability for their prospects.
“Accountants have to be extremely careful as they hold a number of sensitive data about their clients, and cybercriminals know that, so obviously they are a target,” Mr Fisher said.
“Accountants need to demonstrate to their clients that they follow security best practices, and this is not just having anti-virus software and a firewall.”
Mr Fisher added there is an alarming level of complacency surrounding potential cyber threats, with small businesses in particular believing that a cyber breach would never affect them or their firm.
“How wrong – we are all a target,” Mr Fisher said.
Protecting key assets from a confidentiality, integrity and availability standpoint – by restricting administration privileges and ensuring that strong authentication is used for passwords – can reduce a firm’s risk exposure by up to 80 per cent, according to Mr Fisher.
“It doesn’t require much financial investment, but requires regular attention,” he said.
Mr Fisher noted that as the threat of cybercrime is increasingly prevalent, so cyber insurance is increasingly an option for accountants and their firms, although its current utility is in question.
“Should businesses take on cyber insurance? In my opinion, they do not need to, especially if they have gone through a process of adopting security best practices and understand how to quickly recover from a cyber incident,” he said.
“Having said that, and given that cyber breaches are rising and the cost of dealing with mandatory notifications is added, the option of using cyber insurance cover may become more attractive.”