Recent cyber incidents indicate that accountants may face an increasing risk of their IT systems being hacked.
Deloitte, one of the world's “big four” accountancy firms, was recently the target of an attack that compromised the emails and plans of some of the firm's blue-chip clients. So far, six of Deloitte's clients have been informed that their information was compromised, but an internal review is ongoing.
Lines of defence
Accountants' sensitive data makes them a prime target for hackers looking for data they can then monetise. Firms should split their cyber defences against such attacks between:
1) Risk management, and
2) Post-breach damage/crisis management.
To optimise your cyber risk management, it is vital to run the latest versions of software, in particular browsers and operating systems, and keep them up to date. This can be achieved by taking the following simple steps:
1. Identify all the software used on your systems – it's easy to focus on Microsoft, but Adobe, Apache and so on must also be considered.
2. Monitor the release of new patches from vendors (specifically security patches, rather than feature patches) and apply them as soon as feasible. The software vendor will often assign a criticality that will help you identify the severity of the issue.
3. Deploy vulnerability scanning to ensure the patches have actually been installed.
4. It's also important to train your staff to recognise the warning signs and avoid falling victim to social engineering and other common cyber-criminal tactics. The following practices may help you to reduce security breaches that stem from human behaviour:
• Create a security policy that clearly outlines your company's rules regulating the handling of data access and passwords, use of security and monitoring software and so on.
• Make your employees aware of risks that their actions can pose to your company's security, and educate them on how to best handle work in a secure manner.
• Apply the principle of least privilege. Deny all data access by default and allow it whenever needed on a case-by-case basis.
Speed and accuracy
If you do incur a cyber breach, the speed and accuracy of your response can make all the difference.
The more planning your company does before a breach, the better your chances of minimising the business interruption and reputational damage that can ensue. Ensure any PR and comms resource you have plays an integral part in the pre-breach planning process.
Following a breach, a company invariably feels a tension between the need to communicate with customers quickly and the need to communicate accurately. To optimise the chances of striking the right balance, it's vital for a company to involve a range of stakeholders in the pre-breach planning stages. (See 'Cyber breach planning: building your A-team' for more analysis of this matter.) This should ensure that the timing and extent of your comms to third parties is a business decision that has factored in the various implications, and not just those of one or two divisions.
Typically you can retain customers' business if they feel that you have communicated the cause and effects of the breach to them quickly, accurately and openly, and have put them first.