
Building an effective cyber security strategy in accountancy

(Image credit: ESB Professional / Shutterstock)

There is no doubt that all sectors want to use new technologies such as Artificial Intelligence (AI), big data and the Internet of Things (IoT) to modernize their industries. This is particularly true for the accountancy sector. Over the years, accountancy firms have been discovering ways to use new technologies to minimize the amount of time spent on jobs such as manual entry tasks and offer more consultative services. In particular, when it comes to automating payroll functions, by adopting new technologies, accountants will be able to focus on offering more strategic services including forecast modelling, bookkeeping and cash flow predictions.

However, the rapid pace of technological change comes with both advantages and disadvantages. In one sense, it facilitates innovation and real change, but it can also produce new attack vectors for opportunistic cyber criminals.

Accountants are among a business’s most trusted advisers. They are responsible for holding huge amounts of private data on a wide array of issues, from a company’s financial performance to payroll data and merger and acquisition activity. As a result, they hold a plethora of information that is highly appealing to cybercriminals. It can include anything from intelligence about an upcoming merger and acquisition that can be used for financial gain to the taxation records of large corporates and high-net-worth individuals, which can be sold to media outlets. The growing threat that cybercriminals pose to accountancy firms needs to be examined, and it is vital that the industry unites to build an effective cyber security defense strategy.

Fierce competition

This year has emerged as a defining year for cybersecurity in the accountancy sector. The challenge for the sector is that there is fierce competition between many different firms that all use similar software. If a criminal finds a vulnerability that can be exploited, the number of potential victims can multiply significantly. For mid-sized firms the risk is even more pronounced. Without large security operations in place, keeping pace with fast-changing technical developments, policies and procedures can be a challenge. Adversaries are getting smarter, scams are becoming more convincing, and the global pandemic means workforces are dispersed, making it more difficult to ensure normal security practices are being observed.

To reduce complexity and simplify decision making, financial organizations need to unify processes and technology to harness the security intelligence that comes from across their own security programs and external sources to drive down risk. This will ensure organizations can withstand disruptive events from hackers or adversaries and recover quickly to protect the stability of their organization’s standing.

The importance of working together

No firm can tackle the problem alone. Experienced threat actors using advanced techniques are constantly targeting the accountancy sector, so the industry needs to come together as a whole to foster a sense of collaboration and data sharing. While security tools such as firewalls, email filters, or enhanced endpoint protections can be purchased to solve individual problems, they don’t have the ability to talk to each other, and therefore valuable time is lost tending to individual systems that become a burden to run. At the same time, running multiple security systems is expensive. The more systems you have, the more highly skilled staff you need to manage them, and such staff are few and far between.

Accountancy firms need to unify processes and technology to harness the security intelligence that comes from across their own security programs and external sources to drive down risk. All parts of the ecosystem need to unite and share information to learn from one another and succeed in the fight against international cybercriminals.

There is a wealth of information available from accountancy bodies, such as Action Fraud, the Fraud Advisory Panel, the National Crime Agency and HMRC, that offer advice on suspicious trends and scams that are being seen. Accountancy firms need to share intelligence on the threats and hazards they are seeing with other firms, industry groups, government agencies and other relevant authorities, to build industry-specific insights into cyber security threats and quickly pivot to gain more information on those specific threats and threat actors. By working together, a picture can be painted of threats coming from all manner of malicious activity, from malware to ransomware, to phishing and software vulnerabilities.

Breaking down information and process silos

Having the right intelligence is not enough to ensure that intelligence is turned into action. Breaking down information and process silos across teams allows organizations to analyze and act on the most pertinent information. Everyone has access to the risks and threats that matter most, and orchestration and automation of responses help overwhelmed firms to prioritize response plans and improve efficiencies in their security program.

Integrating internal security tools and technologies, while also connecting to external sources of intelligence, creates a single source of intelligence that feeds operations and enables organizations to direct action against the threats that matter most. The outcomes of those actions further feed intelligence, providing the ability to further refine the efficacy of the entire security lifecycle.

This approach provides a continuous feedback loop for the people, processes and technologies that make up the security program. It allows businesses to keep up with threat actors that are constantly adapting their methods to profit at the expense of others, something that won’t stop anytime soon.

Ultimately, accountants have a large responsibility to their clients to remain aware of the latest and evolving risks in an increasingly digital age. Where cybersecurity was once an out-of-sight, back-office concern, it is paramount that it now becomes a fundamental part of IT strategies across organizations and a key pillar of both reputation and customer retention. It is vital that organizations leave no room for failure, as legislation, the cost of crime and reputational damage will prove too risky for them in the long term. All institutions need to ensure they have full visibility of their systems and can detect any potential threats as quickly as possible.

Miles Tappin, VP of EMEA, ThreatConnect

Miles Tappin, VP, EMEA, leads ThreatConnect’s efforts in business development through the EMEA region.