4 Harmful Misconceptions About Cybersecurity Held by Accounting Firms
Cybersecurity. It’s hardly a new concept, especially in the profession of accounting, which has long been a favorite target of cybercriminals due to the valuable sensitive personal and financial data accounting and finance professionals manage on a daily basis. And yet, it’s still an area in which many accounting firms are lagging far behind where they should be, despite the rising prevalence of cyberattacks.
This leads to a big, important question: Why do so many accounting firms disregard cybersecurity, leaving themselves vulnerable to attack?
In a new webinar, Luke Kiely, former cybercrime officer and CISO of SmartVault, addressed the top four misconceptions he’s encountered during his years of working with victims of cyberattacks and with accounting professionals looking to bolster their security. Do any of these apply to you or the leadership at your firm? Read on to find out.
Top 4 Mistaken Beliefs Accountants Hold About Cybersecurity
1. If you run a small firm or a solo partnership, you’re too small for cybercriminals to target.
The takeaway: No matter your firm size, you should be taking cybersecurity seriously. “Waiting for a breach to occur isn’t a viable strategy,” warns Luke, even as he acknowledges many accounting practices still do things this way. Make no mistake, “the financial losses of a cyberattack can be catastrophic. A single incident can outright cripple your business,” he cautions.
2. Cybersecurity is too expensive.
“Cybersecurity has to be done on a case-by-case basis,” he says. Create a budget, and implement measures that make sense for a firm that size of your organization. Also, remember: “You won’t necessarily see or feel the value of it if you’re actually protecting yourself against a threat. It can be hard to want to invest in something where you don’t get an instant ROI,” he says.
This leads him to another important point people don’t often think of: There are quite a few totally free cybersecurity best practices. Updating the software on your laptop or phone? Free. Creating a super-strong password? Also free. And these are incredibly strong cybersecurity measures experts like Kiely are practically begging accounting professionals to take regularly.
3. Even if my accounting firm is attacked, my clients know me, and I’ll be able to retain their business.
“Consumers must trust that when they use a service, it will deliver and be secure.” Simply put, a breach will negatively impact the level of trust your clients have in you, and that loyalty you’re counting on? It’s far more fragile than you think.
“Digital trust can easily be eroded by a security breach or privacy violation.” And once there’s been an attack at your firm, you’ll find news of it making its way into online reviews and ratings, as well as word of mouth recommendations, all of which are heavily used by modern clients to gauge the trustworthiness of an accounting firm. “One breach can be all it takes for customers to abandon a business completely for one that maintains digital trust. Your firm can be affected irrevocably, as can your ability to bounce back,” he says.
4. Cybersecurity is too difficult—it’s changing all the time.
But there’s good news, according to Luke. While cyberthreats are changing all the time, cybersecurity best practices actually aren’t. “Yes, cyberattacks are becoming more sophisticated, but basic protection remains the same. The protections have remained the same for arguably decades: things like educating your employees, creating strong passwords, and using multi-factor authentication.”
The takeaway? Implementing strong cybersecurity measures is not insurmountable for any firm. To learn more and hear what Luke advises firms do, watch the full webinar on-demand today.
To learn about using SmartVault to proactively protect your data, schedule a demo.