IMGCAP(1)]Just this past spring, the Obama administration did what many in the political and national security arenas have been advocating for some time make cybersecurity its own Department of Defense command on par with Central Command, the organization led by U.S. Army General David Petraeus whos in charge of all military operations in Iraq and Afghanistan.
The move couldnt have come at a more appropriate time, especially given the recent Wall Street Journal report that said Internet attacks against specific, mission-critical defense programs as well as the U.S. electric grid are growing in numbers and sophistication. The danger is real and is not merely limited to national security targets.
Whats more, CPAs are on similar front lines, suffering from comparable attacks and being forced to deal with the same issues every day. While an accountant wont usually die from such actions, compromised information networks can put his or her customers investments as well as their practice in dire straits.
The threats facing CPAs can occur on a near daily basis, and vary in size and scale. While the most common forms include viruses, spam and spyware strikes, cyber attacks can also include identity theft that can then be used to lure clients into divulging sensitive information for criminal purposes.
Disruption in Internet connectivity can also be the result of malicious hackers, and mean delay or disruption of service a big no-no since clients today demand real-time interaction with their service providers. So its time for accountants to follow the governments lead and make IT security a top priority.
Herein lies a big dilemma. CPAs are usually the chief cook and bottle washer of their practice, and are already stretched thin in both resources and time. Yet, swift action is required to meet this growing and complex cybersecurity issue. So here are two ways accountants can give IT security its due without increasing their overhead:
1. Set priorities
Oftentimes the biggest reason IT security initiatives fail is because people become overwhelmed by all of the things that could be implemented so they wind up doing nothing at all. The key is to set priorities as a function of the level of risk to the practice as well as their ability to scale.
Many telecommunications companies or security providers offer free or low-cost assessments to help small businesses do this. Its one of the best investments an accountant can make to determine how best to start countering cyberthreats.
2. Set up scalable systems
Make sure your IT budgets are optimized efficiently. An excellent way to do this is to ensure that the network security systems you put in place are both robust and easy to implement. Extensive set-up times may mean the tools become obsolete before theyre up and running. Second, any IT security network should have the capacity to grow as a CPAs practice does. Throwing out an entire computer infrastructure is never the way to go.
The good news is that there many reputable local companies to help small businesses and financial service firms set up their networks the right way the first time. Many will recommend implementing security appliances all-in-one systems that plug into a companys IT network and are typically up and running in less than a day. These same tools are continually updated with the latest software to counter the ever-evolving threats, so accountants can protect their systems while staying focused on serving their clients.
Keep this in mind if nothing else CPAs are just as much at risk for attacks as their government counterparts. Though the attacks may stem from different groups for different reasons, the impact can be just as damaging. Accountants can get ahead of the threat, even with limited resources, by setting priorities while implementing scalable tools that will do the heavy lifting for them.
Max Huang is the founder and president of O2Security, Inc., a manufacturer of high-performance network security appliances for small- to midsized businesses as well as remote branch offices, large enterprises and service providers. He can be reached at max.huang@o2security.com.