2 min read

3 Steps For Battling Cyber Thieves In Your CPA Practice

Cybersecurity is an issue that threatens every industry including CPA practices. A Cost of a Data Breach Report found that the “average global cost of a data breach...was $3.92 million in 2019”.

It’s more important than ever for CPAs to develop a data security plan to protect clients’ private information. It some cases having a plan is a matter of federal and state law.

We offer 3 steps for battling cyber thieves in your CPA practice.

Why A Cybersecurity Plan Matters

As a CPA you handle a lot of sensitive client data. Information like social security numbers tax ID numbers bank account numbers and the like are prime targets of cybercriminals. In some cases the thieves can actually file fake tax forms and defraud your clients of their tax refunds.

The Cost of a Data Breach Report found that the top 3 causes of data breaches in most enterprises are:

  1. Malicious & criminal attacks (51%)
  2. System failures & glitches (25%)
  3. Human error or neglect (24%)

Developing an information security plan is vital in order to shore up vulnerabilities and protect sensitive data. Here are three steps to take in creating an IT security plan.

Step 1: Update Antivirus Software

The most basic information security plan should start by using antivirus software or apps. Be sure to keep this software updated. It serves as your first line of defense.

Step 2: Educate and Train Your Employees

Many data breaches occur because of risky behaviors on the part of employees. Phishing schemes and emails that contain malware are popular tools of cyber thieves. These schemes are designed to steal data or invade networks when someone clicks on malicious links.

Downloading illegal software or content and visiting unauthorized websites can also put your system at risk.

To protect your data it’s important to train employees and establish cybersecurity protocols for them to follow.

Step 3: Comply with Federal and State Regulations

Federal law requires all CPA firms to create a written data security plan. Many states have laws that surpass federal statutes so make sure you are familiar with those regulations as well.

The Financial Services Modernization Act of 1999 set new guidelines for financial entities including CPAs.

FTC Safeguard Rules state that professional tax preparers must enact information security plans in order to protect client data.

A data security plan template must include:

  • Designating employees to coordinate an information security plan
  • Identifying risks that affect client information
  • Evaluating the effectiveness of current cybersecurity measures
  • Designing & implementing safeguard programs
  • Monitoring & testing safeguard programs
  • Selecting a service provider to maintain safeguards
  • Making adjustments to your IT security plan as needed 

For complete regulations download “Protect Your Clients; Protect Yourself: Tax Security 101”. The report outlines guidelines as part of a Security Summit awareness campaign in conjunction with the IRS.

Protect Your Clients Protect Your Business

It is vital for CPAs to develop a security plan in order to protect sensitive client data. Failing to do so can cost you millions. It can also lead to fines or legal action if you don’t comply with federal and state regulations.

How to Avoid Healthcare Data Breaches With Data Encryption

How to Avoid Healthcare Data Breaches With Data Encryption

Reported in 2020 over 81% of the American population had data exposed through a healthcare data breach. If that number disturbs you it should.

Read More
How to Prevent Data Breaches Within Your Business

How to Prevent Data Breaches Within Your Business

The average cost a business in the United States will suffer due to a data breach is $7.91 million.

Read More
Everything You Need to Know About Phishing Prevention

Everything You Need to Know About Phishing Prevention

Cyber attacks are one of the biggest threats facing businesses. It seems like every few weeks a major global company is hacked.

Read More