According to USA Today , at a recent cyber security event the FBI issued a warning emphasizing just how frequently hackers have been able to steal financial records. In fact, in the last 12 months, 500 million financial records have been stolen in data breaches and other hacks.
Of course, this shouldn't come as much of a surprise to anyone who pays even the slightest bit of attention to the news. Stories of major data breaches have been coming out every few weeks. But does any of this matter to accountants and finance professionals?
As the owner of a small accounting, bookkeeping, or finance firm, you've probably fielded questions about your cyber security and whether your firm might be hacked in the same way that larger financial institutions have been. The short answer is yes. Let's look at what a data breach at an accounting firm involves and what you can do to prevent cyber attacks.
Case Study: Data Breach at Small Connecticut Accounting Firm
The Monroe Courier reports how one small Connecticut accounting firm was hacked, losing 900 clients' records in the process. According to the Courier, the firm, an all-purpose accounting outfit with fewer than 10 accountants, had to inform its customers that criminals had stolen their data and might use it for identity theft.
Such a breach was undoubtedly damaging to the accounting firm's reputation. When you've built up a client base over years of hard work and have to inform them that their Social Security numbers and financial records are now in the hands of criminals looking to commit fraud, you might take a bit of a P.R. hit.
That's because data breaches aren't just about lost data. They're about lost trust. And small accounting firms rely on that trust to maintain their client base. We'll look at what you can do to manage the financial and technical risks of data breaches, but don't forget that a data breach could do irreparable harm to your business's reputation.
Three Tips to Improve Your Firm's Cyber Security
These three strategies can help accounting firms strengthen their firm's tech defenses, prevent data breaches, and guard against the financial losses that come with a cyber attack:
- Work with IT professionals. Hire an IT consultant to set up your firm's network and make sure your data in encrypted and protected. Part of your professional responsibility as an accountant is to make sure that data is secure when it's in your custody.
- Invest in Cyber Liability Insurance. Cyber Liability Insurance (also called Data Breach Insurance) pays for the cost of cleaning up a data breach and contacting your clients about their compromised data. Cyber Insurance also pays for P.R. experts and crisis managers to handle your breach response and limit damage to your reputation.
- Have a data breach response plan. CPA Practice Advisor reports that data breaches at small accounting firms have increased, and that it's important to have a response plan in place. This plan should outline what you need to do and whom you need to contact after a data breach. It should be a step-by-step guide to what you need to do to comply with state and federal laws and inform affected customers about the incident.
While the national media mainly focus on data breaches that occur at large financial institutions, the truth is that cyber attacks can and do occur at small accounting firms. But it's not as if you're helpless. By taking action to implement a risk management strategy, you can prevent attacks and limit your financial risk exposure.