2 min read

Cybersecurity threats to accountants

Cybersecurity threats to accountants

Accountants deal with thousands of pieces of data every day which makes them a high target industry for cyber crimes. The ever-changing landscape of cybersecurity means you must keep a regular check on your defences. Some sectors are higher targets than others and they may need extra measures in place. Here we list the biggest security threats an accountancy firm faces today.

Phishing

Cyber Security

Phishing is a type of cyber-attack that will try to trick people into disclosing confidential information or transferring money to an unknown source. On a base level, there are two different types of phishing attacks:

1. Untargeted
2. Targeted

 

 

Untargeted Phishing

An untargeted phishing attack will cast out some ‘bait’ to a large number of people trying to get anybody to click a malicious link that has usually been delivered by email. As the title suggests, the attackers will not go after a particular person or businesses. As the attack targets anybody it makes the attacks quick to create and execute. The contents of phishing attacks change on a regular basis due to them having a short life before they get compromised and blocked. The majority of the time they’re easy to spot, and have a low success rate but can catch out people who aren’t clued up on cyber security.

Targeted (Spear) Phishing

‘Targeted (spear) phishing’ is an attack that will target a particular user or businesses. These attacks can take months to plan and execute as they require extensive research. The carefully thought out attacks will be personalised looking to strike a chord with the recipient. Imagine two people are fishing at a pool. A fisherman (untargeted phishing) will be trying to catch a fish in the pool. Meanwhile, a spear-fisher (targeted phishing) will be trying to catch a specific fish.

Why cybercriminals try phishing on accountants

Accountants are a goldmine of information. Due to a plethora of 1financial data stored on their systems, it is a high target for cybercriminals. Despite this, employees quite often don’t have the correct cybersecurity training and can accidentally fall victim to an attack. Which brings us on to our next point.

 

Your employees

The most significant threat to your data can be the people you employ. Without the correct cyber security training your business is at considerable risk. The majority of cyber security attacks happen due to human error. You should have a security protocol in place that all your employees have sufficient training in.

This protocol could include things such as secure passwords and keeping records of wi-fi usage. You could use a team training day to make sure everybody is aware of what is expected of them from a cybersecurity standpoint. Your business should also be wary of malicious insiders.


Identity Theft

Not only are accountants a target of identity theft themselves but the records of people that they store are too. All data must be protected and now compliant with the new General Data Protection Regulation (GDPR). For any applications used, two-factor authentication should be in place as an extra level of security. If somebody was able to steal your identity how many things would they have access to at your place of work?

The Risk of Fines

If you don’t follow the guidelines of the previously mentioned GDPR, you could face fines depending on the severity of the of the infringement or lack of defences shown. These fines can be up to £20 million or 4% of your annual global turnover. What would that cost your business? While the penalties are a last resort, being proactive is the best approach to IT and security.

Working in accountancy is a high-risk business and you have to have the correct protections in place. Implementing these can be a daunting task but that’s where we can help.

 

Make your business cyber safe

If you’re looking to make your business cyber safe, remember to lean on an expert and ask lots of questions. Take a look at our security packages to understand what good cybersecurity looks like for a small accountancy firm. If you still have questions about your business' cybersecurity, then why not schedule some time with one of our experts.

Cybersecurity

Security Packages

 

What happens in a cyber-attack? Cyber-criminals negotiations

What happens in a cyber-attack? Cyber-criminals negotiations

Last week, details of FatFaces’ cyber-attack surfaced. Some incredible details were reported from the attack, including screen shots of negotiations...

Read More
Cyber Essentials Checklist: Is your IT company competent to help you pass?

Cyber Essentials Checklist: Is your IT company competent to help you pass?

Many businesses turn to their IT company to help them pass Cyber Essentials accreditation. The National Cyber Security Centre (NCSC) recently...

Read More
National Cyber Security Centre (NCSC) warns UK organisations to bolster their cyber resilience

National Cyber Security Centre (NCSC) warns UK organisations to bolster their cyber resilience

Following the distressing news of Russia’s invasion of Ukraine, Lindy Cameron, CEO of the National Cyber Security Centre (NCSC) has advised all UK...

Read More