You might break out in a cold sweat at just the thought of criminals on the other side of the world stealing your clients’ or customers’ account information. After all, if some of the largest corporations and agencies of the federal government can’t prevent their systems from being breached, what can a Main Street CPA firm or medium-sized business possibly do against such a threat?
The reality is that, as a CPA, you can probably do more than you think. At a minimum, as a trusted business adviser, you should help your clients or employer avoid these common pitfalls:
- Classifying cybersecurity as an IT issue. Although IT has a support role involving intrusion detection and prevention, cybersecurity involves much more than IT. Today’s hackers increasingly focus their attacks on human rather than technical vulnerabilities. Cybersecurity is an enterprise risk management (ERM) issue. With some specialized training, CPAs are uniquely qualified to systematically assess and report on cybersecurity risks and implement controls to mitigate those risks.