Cybersecurity in accounting: threats, best practices, and future trends

Accounting firms are an attractive target for cyberattacks due to the private financial data they manage. If such data is stolen or exposed, it can put the welfare of clients and the reputations of accounting firms at risk. At the same time,  cyberattacks are increasing with the popularity of cloud computing and software. 

The good news is that there have been innovative developments to prevent these attacks. Still, accounting firms need to be proactive in protecting client data by staying aware of threats and implementing the right security measures to prevent them. 

This article details must-know cyber threats, best practices, and future trends worth keeping an eye on — so you can arm yourself with both the tools and knowledge to protect your practice and clients.

Key cybersecurity threats in accounting

Did you know that the financial services sector is 300 times more likely to be targeted by cyberattacks than any other sector?

In the accounting industry, some cyberattacks are more common than others, involving calculated methods to access and steal sensitive financial information.  

A successful attack can result in a firm facing:

• Business disruption
• Reputational damage
• Data loss
• Financial loss

So this makes it vital to understand the various threats and the risks they pose.

Phishing

Phishing attacks are specifically designed to deceive a target into revealing sensitive information. This can include financial data, login information, and personal details. 

Phishing is common in the finance industry, with attacks often personalized in an effort to gain the target’s trust. 

Phishing methods can include:

• Emails from a sender pretending to be someone familiar
• Links to sham websites that appear legitimate

Clients, firm members, and firm owners can be targets here, making phishing a cybersecurity threat that requires constant vigilance. 

Ransomware

Ransomware is a type of malware (malicious software) designed to obtain valuable information from a system. Once obtained, it can make the data inaccessible until the owner pays a ransom.

This threat can be hard to detect, as the process can occur “in the background” after a target downloads and installs the ransomware unknowingly — often through phishing methods.

As a ransomware attack typically results in the victim losing control of their system (and the data stored on it), it can lead to an accounting firm experiencing total data loss if a ransom is not paid. 

Insider threats

Insider threats refer to data breaches that can occur due to the unintentional or accidental actions of an organization’s current and former employees. 

For accounting firms, this can include:

• Negligence with passwords
• Careless disclosure of sensitive information
• Firm members not following standard operating procedures regarding security

Insider threats also refer to the deliberate actions of current or former staff that threaten cybersecurity, which may be motivated by theft or sabotage.

Cybersecurity best practices for accounting firms

You can greatly reduce the risk of a cyberattack by making sure your firm is following industry best practices for cybersecurity. 

In short, this involves equipping your team with both the knowledge and tools to manage financial data securely, ensuring your firm and clients are protected to the greatest extent possible.

Stay up to date on new threats and security measures

The first port of call is to stay in the know about cybersecurity developments. This includes the latest threats and the necessary measures your firm needs to counter them. 

Check it out: the IRS Dirty Dozen lists the most common threats targeting taxpayers and tax professionals.

As simple as it sounds, staying aware of new threats and security measures is an effective defense strategy in itself — as it can mean the difference between identifying a potential cyber threat in advance and encountering a new cyberattack that you weren’t prepared for.

It’s also just as important to stay up to date on cybersecurity compliance and regulations, which we’ll cover in more detail later.

Establish your security requirements

Assess your firm’s operations from top to bottom to identify any areas that could increase the risk of a data breach. These include:

• Weak passwords
• Disabled spam filters
• Unencrypted data backups
• A lack of standard operating procedures for handling sensitive data
• A lack of access control for sensitive system data 
• Using software with insufficient security features
• Not using updated software, including antivirus and anti-malware programs
• Not using multi-factor authentication (MFA)
• Not using a firewall 
• Not using secure ways to share files

Once you’ve pinpointed any areas of risk, you can start establishing the security requirements that you need to improve or implement.

Train your staff 

Employee awareness can be an effective first line of defense. As a data breach can be caused by human error, it’s vital to train your staff on cyber threats and best practices. These include: 

• How to recognize security threats
• How to handle sensitive data securely
• How to maintain security best practices — such as using strong passwords and enabling multi-factor authentication

You can also devise an incident response plan for your team to follow. This can reduce damage control or even prevent a suspected threat before it develops.

Consider cyber insurance

Cyber insurance protects your firm from financial loss in the event of a cyberattack, so it’s worth considering. 

Like any type of insurance, coverage terms will vary, which makes it important to choose a plan based on the risk involved. What’s worth mentioning is that some insurers will carry out an initial risk assessment, helping you understand your firm’s risk level.

In some cases, having cyber insurance also ensures your firm meets certain legal and regulatory requirements. 

Opt for trusted software with robust security 

In addition to using antivirus, anti-malware, and anti-phishing software, it’s vital to opt for industry-leading software that provides comprehensive security.

As a prime example, TaxDome — our practice management software for tax, bookkeeping, and accounting firms — employs a number of industry-standard security measures to ensure the protection of all data, including:  

• Physical server security and data retention: TaxDome backs up data on Amazon AWS, regarded as the world’s most secure cloud computing platform 
• SSL: TaxDome encrypts all customer interactions via Secure Sockets Layer (SSL), receiving an A grade from Qualys SSL Labs
• Compliance standards: TaxDome is compliant with PCI DSS, GLBA, SSAE 16 SOC, HITRUST, PIPEDA, FPIS, eIDAS, and SOC 2, significantly increasing security policies for the management of data
• Two-factor authentication (2FA): TaxDome allows users to turn on two-factor authentication, adding an extra layer of security for logins
• Access rights: TaxDome provides the ability to manage employee access to client accounts and data — including account and contact information, chat threads, SMS threads, emails, time entries, tasks, and more

By having comprehensive security measures such as the above in place, you and your team members can confidently use the software knowing that your data is protected against cyberattacks and data breaches.

Real-world examples of cybersecurity incidents

The impact of a cyberattack can be huge, sometimes with lasting repercussions. 

Here are a few real-world examples of cybersecurity incidents in the accounting industry, highlighting the type of attack and the data that was compromised:

Deloitte cyberattack

Deloitte, one of the world-famous “Big Four” accounting firms, was targeted by a cyberattack in 2017. It caused a data breach of email addresses, usernames, passwords, IP addresses, and sensitive documents — putting Deloitte’s clients at risk of identity theft.

The cyberattack, caused by a lack of two-factor authentication on an administrator’s account, resulted in a lengthy, full-scale response by Deloitte. It involved containing the cyberattack, alerting government authorities, investigating the scope and reason for the cyberattack, and a full overhaul of its cybersecurity infrastructure. 

The data breach also raised questions about Deloitte’s security, damaging its reputation among clients and investors. 

“Acme”

Clients of accounting firms can also be at risk of cyberattacks. That’s what CFO Selections, a financial services firm based in Washington, describes in this true story about one of its clients that almost lost $50,000 due to a data breach.

Acme, falsely named in the story to protect the company’s identity, noticed a vendor in its cloud-based accounts payable list that had a suspicious change of bank information.

An investigation led to the discovery of a financial fraud attempt. The scammer behind the attack had infiltrated Acme’s system due to a risky combination of weak passwords, no multi-factor authentication, and minimal access permissions.

Accounting Today: When your client gets hacked

In this cyberattack story provided by CPA insurer Camico on Accounting Today, a hacker used a client’s identity to target a CPA firm — emphasizing how clients, not just firm members, can be victims of phishing.

Through personalized phishing methods and potentially weak security measures, the hacker was able to intercept communication between the client and the CPA firm, allowing them to communicate using the client’s email account. 

This resulted in the client’s funds being redirected to the hacker’s bank account. Significant amounts were already transferred before the firm realized it had responded to fraudulent emails.

Cybersecurity compliance and regulations

Cybersecurity compliance refers to the adherence to laws and regulations around cybersecurity. These are established by governing bodies. The purpose is to ensure businesses follow the most up-to-date industry standards for data privacy.

Compliance varies by industry and location. So it’s important to comply with the laws and regulations that apply to you, as not doing so can lead to legal implications.

Check it out: the AICPA Conceptual Framework provides an effective approach for identifying threats to compliance.

While compliance might sound daunting, it offers many benefits. It can not only help your firm prevent cyberattacks but also bolster your reputation — increasing the trust clients have in your firm.

Below are some of the main cybersecurity compliance regulations and standards that accountants should be aware of:

GLBA 

The Gramm-Leach-Bliley Act (GLBA) is a law that requires financial institutions to safeguard sensitive and confidential customer information. Some of the requirements for GLBA compliance include conducting risk assessments, training staff, and implementing an information security program.

GDPR

The General Data Protection Regulation (GDPR) applies to businesses that operate in the European Union (EU). It’s designed to protect personal data and customers’ rights. Some of the compliance requirements for GDPR compliance include appointing a data protection officer, managing and evaluating data collection, and regularly updating privacy policies.

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law that requires businesses and organizations to protect patient data. Accountants who manage transactions or handle any data that involves private health information must comply with HIPAA.

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security requirements for processing credit and debit card transactions. Achieving PCI DSS certification involves twelve requirements. Some of these include setting up a secure network, securing cardholder data, and maintaining access control.

SOC 2

System and Organization Control (SOC 2) is a voluntary compliance standard established by the American Institute of CPAs (AICPA). To receive certification, a service provider’s adherence to security and privacy undergoes a third-party evaluation. Achieving SOC 2 compliance demonstrates high-level security and will establish your firm as a reputable service provider.

Future trends in cybersecurity for accounting

To protect your firm against cyberattacks, it’s just as important to keep an eye on future trends as it is to keep up to date with new threats and security measures.

For 2024, here are a few interesting future cybersecurity trends worth watching:

Cybersecurity insurance

We mentioned cybersecurity insurance above as one method for safeguarding your firm, as it can offer financial cover in the event of a cyberattack. 

But if you don’t have it or are not considering it just yet, it’s a trend worth mentioning here, as the global cyber insurance market has been forecasted to grow to $22 billion by 2025 (Statista).

This growth can be attributed to the increase in cybercrime, predicted to cost the world $9.5 trillion in 2024 (Cybersecurity Ventures).

Blockchain

Discussions in the accounting industry surrounding the use of blockchain technology — digital ledgers most notably used for storing cryptocurrency transactions — are increasing. 

This isn’t only due to blockchain’s popularity, expected to generate more than $94 billion in revenue by the end of 2027 (CompTIA), but also how it can help accountants reduce ledger maintenance and costs thanks to blockchain’s tamper-proof “blocks” that permanently store transactional records

Offering other benefits too, such as clear audit trails, smart contracts, and AI capabilities for reporting, compliance, and more, blockchain technology could play a bigger role in accounting sooner than expected.

Behavioral biometrics

With AI deep-learning algorithms producing increasingly convincing deepfake media, face and voice recognition might not be as safe in years to come — particularly in the financial sector.

Thankfully, that’s where behavioral biometrics — a new technology that can analyze user behavior to distinguish it from cybercriminal activity — can provide the tools for financial service companies and accounting firms to prevent such threats.

As it stands, the behavioral biometrics market is estimated at $2.13 billion with expectations to reach $7.22 billion by 2029 (Mordor Intelligence). 

Conclusion

Cyberattacks may be increasing — but so are the cybersecurity measures that are at your disposal to protect your firm and clients.

Bottom line, it all boils down to proactively equipping your practice with the knowledge and tech to prevent cyberattacks. This involves training your staff on best practices, staying aware of new threats, and using practice management software that provides comprehensive security features and data protection policies.

Looking to increase security for your firm? Book a free demo to discover why TaxDome’s innovative features won’t just simplify your accounting workflows, but also protect your firm’s data.