How Chartered Accountants can protect their practice against Cyber Security Threats
As a Chartered Accountant (CA), loss of critical financial data of your client due to a cyber-attack can have far-reaching consequences for your firm, like loss of reputation, trust and ultimately, loss of clientele. identity theft and fraud. With the growth in technology adoption, it’s imperative for you to protect your accounting practice against the cyber security risks.
- Symantec’s Internet Cyber Security Threat Report of 2017 ranks India as the 5th most vulnerable nation in the world in terms of cyber security breaches in 2016.
- According to CERT-In’s data, the number of cyber security incidents in India jumped from 44,679 in 2014 to 50,362 in 2016.
- In one of the security breaches in India, data of nearly 3.2 million debit cards were compromised.
- According to estimates of Kaspersky Lab, a single targeted cyber-attack can cost an enterprise more than USD 2.5 million.
- A study by leading IT firm Citrix and Ponemon Institute found that 91% of businesses in India are feeling vulnerable to cyber-attack.
- In 2013, a hacker stole tax returns of some 900 Connecticut residents in Fairfield County, altered certain details, hoping to collect refunds before the actual filers.
Measures to protect your practice from cyber-security threats
- Use Genuine Software
According to Business Practices firm EY, more than 60% of the software used by companies in India are unregulated, thereby, exposing them to cyber-attacks. When you are working with critical financial data, using genuine software is an absolute must.
Maya Ramachandran, Partner, Advisory Services Practice, EY, remarks, “Many organisations secure their hardware. However, they do not pay attention to the software used, which could be unregulated.”
Following best practices related to software compliance and licensing may involve some investment, but can potentially save you thousands of dollars in the long-run.
- Invest in Technology Solutions like Firewall and Antivirus
Cyber criminals are smart. You have to be smarter to counter their threats. Installing firewall and anti-virus software protects your system and computer networks from trojans, worms, and other malwares used by cyber criminals to hack your system.
An anti-virus for a single PC with a 3-year license is available for around Rs. 1,000. A single license 20-user firewall is available for approximately Rs. 28,000.
- Implement Cyber Security Culture
A joint report by ASSOCHAM and PwC on Securing the Nation’s Cyberspace notes that businesses should practice self-regulation, instead of just limiting themselves to cyber compliance.
Note that cyber security doesn’t end with installing anti-virus and firewalls. Human vulnerabilities are equally dangerous as software loopholes.
Basic security practices can go a long way in combating the menaces. Such measures include:
- 2-step authentication for accessing emails
- Implementing internet usage guidelines
- Using strong passwords for sensitive data
- Vendor Management
In all probability, your assets are being hosted and managed by an external service provider. Soha Systems Survey on Third Party Risk Management found 63% of data breaches attributed to a third-party vendor.
Working closely with your vendors is crucial to mitigate risks. You must understand your vendor’s:
- Security certifications
- Encryption measures
- Data management policies
These are critical to understand to know the level of risks you are exposed to.
- Developing Comprehensive Data Security Policies
A comprehensive data security policy with the given elements will help you protect your CA practice from falling prey to cyber attackers.
- Password management
- Internet usage
- Email usage
- Managing company-owned mobile devices
- Governing social media
- Overseeing software copyright and licensing
According to Scott Laliberte, the global leader of Protiviti’s IT security and privacy practice, “It’s imperative that leadership keeps a closer tab on the state of their organisations’ cyber-security programs. Particularly as new technologies are introduced and new approaches to generating revenue are deployed, it’s increasingly important to re-examine existing data security and privacy processes on a regular basis – ensuring that the right systems and people are in place to keep pace with changes.”
A holistic approach to cyber-security combined with the latest tools and the best practices goes a long way in protecting your practice from the threats lurking in the digital ecosystem.
We, at Bajaj Finserv, offer collateral-free CA loans with which you can deploy the latest technology to safeguard your practice from cyber-attacks, manage your firm’s working capital and expand your firm’s clientele. Get in touch with us to know more.