Cyberwarriors with Calculators

IMGCAP(1)][IMGCAP(2)]Computers, servers and the Internet are indispensable tools for financial professionals, and yet they are under relentless attack.

Financial professionals across the globe are encountering the sobering realities of a professional life where the raw materials of their trade—financial information, including the sensitive financial data of companies and individuals—are the most prominent and desirable targets for hackers and cybercriminals.

Accountants are at the epicenter of this threat because they work with the data, the personal identifiable information that cybercriminals target.

And yet, while these activities necessitate stronger engagement by accountants, they aren’t necessarily as confident in their businesses’ acumen at shoring up an formidable lines of defense.

Earlier this year, Pace University’s Seidenberg School of Computer Science and Information Systems surveyed members of the Association for Chartered Certified Accountants: managing directors, CFOs, senior VPs, and practicing accountants and associates from large generalist and smaller specialized public firms. Their responses illustrate deficiencies that leave their firms vulnerable:

• 56 percent of respondents in North America were more concerned with cybercrime than they were a year ago.

• 17 percent reported that attacks were routinely reported to senior executives, and less than 50 percent said breaches were reported to law enforcement.

• 32 percent had no knowledge of company policy on data encryption in transit or in storage.

• Auditors were more concerned about cybercrime today than a year ago (58 percent for auditors, compared with 48 percent for accountants).

• Only 27 percent of accountants felt their firms adhered to Control Objectives for Information and Related Technologies (COBIT 5) standards whereas 43 percent of auditors believed their firms followed the standards.

• Nearly 50 percent indicated it was somewhat or very likely that consultants would be hired after a breach.

Despite this, nearly 70 percent said they had a high or very high level of awareness of their company’s cyber risk management policies and procedures, and 57 percent maintained their IT systems were well-protected against cyberthreats.

The research demonstrated weak communication between line managers and senior managers about attacks and attempted attacks. We determined that the application of fundamental risk management cybersecurity practices was not applied consistently throughout some firms.

Contradictions arose between the theory of cybersecurity best practices and the realities of day-to-day practices, findings reflective of a profession adapting to the threat of serious external attacks on its processes and systems.

The present crisis and sense of exposure has left everyone—businesses, government and consumers—demanding that action be taken. Accountants are under more pressure and consumers are worried to the point where online commerce, banking and purchasing could slow after experiencing exponential growth.

Businesses, including accounting firms, will lose clients to companies who seem ‘safer’ from a cybersecurity perspective.

It is crucial that companies—and, especially, individual employees—begin to adhere to best practices. Government likewise is under pressure to respond, and so defense and intelligence agencies must ramp up their abilities to prevent cyberthreats.

One federal legislative measure on the table would provide protections for companies that suffer a breach of consumer data, so long as those firms share their information security practices and customer data with investigators.

This at-times uneasy working relationship between government and private industry warrants improvement. Inevitably, both parties will be forced to integrate their activities, technologies and systems, leading to closer integration between Wall Street, Silicon Valley and the Beltway.

Jonathan Hill is the interim dean at the Seidenberg School of Computer Science and Information Systems at Pace University. Warner Johnston is the head of ACCA USA, the U.S. arm of the Association of Chartered Certified Accountants.

For reprint and licensing requests for this article, click here.
Technology
MORE FROM ACCOUNTING TODAY