67% of cyber breaches and attacks are successful due to human error or a password being weak and then compromised. Cybercriminals aren’t looking just at large accountancy firms, they are looking for vulnerabilities in your network and your staff.

As an accountancy firm, you will regularly store, manage, and oversee valuable financial data from your clients. You’re entrusted with sensitive business data, so accountancy professionals need to take those extra precautions and be aware of the threats.

What Cybersecurity threats do accountants face?

Whilst the number of cyber-related risks and threats continues to evolve and become even more sophisticated, anything that compromises the integrity of your service is a risk that needs addressing.

Cybercriminals want – financial data, Tax IDs, bank account details, payroll data and employee details. With many accounting firms all using similar computer software, if a criminal can find a vulnerability then this can be exploited across several potential victims.

Accounting Today said in 2020 that with the increase in the remote workforce and the ongoing COVID pandemic, there was a 300% increase in cyberattacks.

Many accountancy firms are making life easier for hackers by underestimating the threat they face. Attacks whilst often sophisticated, often are simple phishing emails (or text messages) that are sent at the year-end or when tax return deadlines are due.

Accountancy firms are also viewed as a “gateway” to sensitive information and seen as a soft target with fewer security barriers. If your firm has little or no in-house IT/Security expertise to stop a hacker, your staff must be trained as the first line of defence.

,The Register reported in January that Parasol group had disclosed a "cyber security incident" to customers by email, having previously made vague references to a "system outage”. The company is part of three firms all owned by Optionis Group, which is a "family" of "award-winning tax, umbrella and accountancy solutions" aimed at contractors.

This recent ,cyber security incident knocked out key systems, also causing significant disruption to the services of SJD Accountancy and Nixon Williams. Whilst details of the incident are scarce, both firms were forced to draft in external specialists to tackle the ongoing situation. The attack on Parasol affected not only the firm's ability to run payroll systems but also a flurry of negative PR with customers taking to Twitter to report a lack of payment.

How can training help accountants protect themselves?

As mentioned, 67% of cyber breaches and attacks are successful due to human error or a password being weak or repeated and then compromised. Giving your team regular training on the evolving world of cybersecurity and the latest tactics criminals are using is critical.

Cyber security is not just a responsibility for your IT department, everyone within an accountancy firm must have a general level of knowledge about the topic. With the scams in cyber and technology evolving daily, training staff regularly is one way that you can mitigate the risk that cyber-attacks pose.

Jade Hutchinson FCCA, Forensic Accountant, GMP said:

“It is important to ensure that your employees receive ongoing training in identifying scams, particularly those working in accounts payable, as the consequences of falling for attacks like Invoicing fraud can inevitably result in redundancies and the closure of businesses."

Here at the North West Cyber Resilience Centre, we offer Security Awareness Training that provides an introduction to cyber security, why it’s difficult, the latest threats and who it can affect. The training can be delivered virtually or at your offices by our security experts. Each of the modules is delivered to suit the knowledge levels of those attending the training, with the content broken down for all knowledge levels.

Our training has been designed so you can transfer the behaviours to both your personal and business activities. If a cyber-attack has happened to your business previously, we can help further educate your team to better understand how to protect your organisation and minimise the risk of this happening again.

Security Awareness Training not only features prevention techniques but also includes how to manage the situation if you do suffer an attack.

If you feel our Security Awareness Training could benefit your business get in touch and we can discuss how to support you today.

Further support for Accountants

For further information regarding the help and support, we can offer your accountancy firm (including fully-funded support) you can view our dedicated support page for accountants.