(800) 931-6557
(800) 931-6557
ASP
  • Home
  • Accounting
    • FAQ
  • Recruiting
    • Recruiting Team
    • Recruiting Process
    • Recruiting FAQ
  • Openings
  • Oregon
  • Washington
  • Colorado
  • About
    • Clients
    • Testimonials
    • Diversity, Equity and Inclusion
    • Resources
    • Submit Resume
  • Contact
  • Payments
  • Blog
  • Home
  • Accounting
    • FAQ
  • Recruiting
    • Recruiting Team
    • Recruiting Process
    • Recruiting FAQ
  • Openings
  • Oregon
  • Washington
  • Colorado
  • About
    • Clients
    • Testimonials
    • Diversity, Equity and Inclusion
    • Resources
    • Submit Resume
  • Contact
  • Payments
  • Blog

​In Pursuit of Profit

Read our expert article below or sign up to get articles sent to your inbox.​

10/11/2022

Comments

Is your Accounting Team Plugging Cybersecurity Holes?

 
This year cyber risks topped worldwide business concerns, and with good reason. According to recent data, cybercriminals can breech an estimated 93% of company networks. And where there is opportunity, there are people willing take advantage of it. In fact, cyberattack attempts are up 50% over last year, which is an especially shocking statistic considering cyberattacks were already up 50% YOY from 2020 to 2021. 
Picture
A businessperson’s hands on a keyboard with a digital lock overlay
However, even in light of these kinds of trends, there is still a fallacy that small businesses have less to worry about than their larger corporate counterparts. This mistaken belief comes from the assumption that big corporations have a bigger target on their backs because they have more of the things that are worth stealing (sensitive information, customer data, money, and so on). But what this line of thinking fails to consider is that larger companies also typically have more safeguards in place to protect their assets. Big corporations typically have not only the technology needed to be more buttoned up, but also the policies, procedures, and personnel in place to better protect themselves. As a result, cybercriminals are increasingly targeting smaller organizations. In fact, in his book "Fire Doesn't Innovate," Kip Boyle reveals that a ransomware attack on a small business these days costs the organization an average of $4M. 
​
As cyber security threats continue to evolve businesses and their employees must be on guard at all times. Organizations of all sizes, but especially small-to-medium sized businesses (SMBs), need to be able to identify today’s most common cyber scams and equip their staff to prevent them! 
Today’s Most Common Cyber Scams
When you think of a cyberattack, do you picture an anti-social computer genius dressed in all black working in a dark room with a whole row of huge glowing computer monitors? That’s how TV and movies would have us imagine it. In reality, hacking requires very little technical expertise and is easily done with only basic technology.
​
The rise in cybercrime that we are experiencing globally right now is due to technology becoming ubiquitous across the globe. With smart phones and computers in so many people’s hands there is both a greater opportunity to engage in cybercrime, and greater effectiveness when doing so because so much of life is lived online these days.

Familiarize yourself with today’s most common cyber scams:
  • Phishing – Phishing scams involve sending some form of communication (an email, a text message, etc.) from what appears to be a trusted source (a vendor, a bank, a partner company, etc.) that asks recipients to provide some sort of information (credit card information, login credentials, etc.).
    ​
  • Malware – Some phishing scams try to bait recipients into clicking on a link or downloading something (a software update, a white paper, etc.) to get malware on their computer. Once on there, malware is a nefarious piece of software meant to gain unauthorized access to the device to disrupt or damage it to cause harm to the owner’s employer.

  • Ransomware – Ransomware is a program that takes over a person’s device and holds the files and information stored on it hostage for money. When the owner pays the ransom, the items are given back or access to the device is restored… sometimes. Other times, more money may be demanded later, or the information may be deleted anyways. Depending on the complexity of the attack, the files may be duplicated and stolen anyways even if the victim pays so they can be sold. Ransomware is typically aimed at individuals, not companies. However, with so much business being done on personal devices these days, an individual ransomware attack can have serious business implications as well.  

  • Invoicing Scams – Invoicing scams involve sending fraudulent invoices to companies in the hopes that they will pay them. The most effective invoicing schemes use existing vendor accounts to send additional invoices for items that were never delivered or services that were never rendered. If unchecked, these types of scams can go on for months or years, resulting in a huge payday for the cybercriminals involved.

  • Insider Threats – While most cyberattacks originate externally, some come from within instead. Remember, fraud can happen at any company, which means that while you work to protect your business from cybercriminals, you should also be concerned with what kind of vulnerabilities exist internally as well. A Forbes article on the financial implications of cyber threats explains, “Security threats don’t only come from external parties. There has also been a notable increase in the number of security breaches coming from insiders. Internal teams that have access to systems and customers’ data pose a threat.”

Employees should be trained on how to spot these types of scams and provided with information on how to report them. This kind of training should be ongoing to combat not only today’s security risks but tomorrow’s as well.

Assessing Vulnerabilities
People, processes, systems, and networks create vulnerabilities for businesses. When you are looking for cyber security holes to plug, these are the biggest culprits to focus on:
  • Weak and/or infrequently changed passwords
  • A lack of formal policies and procedures
  • Cloud software
  • Mobile device usage
  • Use of unsecured public and home networks
  • Third-party exposure by vendors, service providers, and partners
  • Software or network configuration mistakes

Once you have identified where your biggest vulnerabilities are, make a cybersecurity checklist to ensure you do not miss anything important. Some security vulnerabilities will be quick and easy to fix. For instance, requiring all employees to connect through a VPN (Virtual Private Network) when working in public is one simple way to increase your level of protection. However, some other fixes are far more difficult and costly to implement. As an example, switching accounting platforms to one with more robust security protocols can be a big undertaking. However, if it is better positioned to protect the company’s financial data, the time and money tradeoff is worth it compared to leaving the company exposed.
Lean on your financial staff for recommendations. An experienced financial leader will be able to best advise on how to follow Security Six safeguards with your data.

Minimizing Risk
A good accountant or accounting team should be married to their internal controls, upholding all of the following accounting controls in any environment:
  1. Segregation of Duties
  2. Access Controls
  3. Required Approvals
  4. Assets Audits
  5. Financial Document Templates
  6. Trial Balances
  7. Reconciliations
  8. Data Backups

Remember, the best way for your accounting team to protect your company from cyber threats is to follow your controls procedures every single day with every activity they touch. If you don’t believe us, find out how these types of internal controls protected a company we know from losing $50,000 in a cyber scam earlier this year!

If you are ready to bring on an experienced accountant to help protect your business, please contact us! We have a team of reputable consulting accountants ready to help you keep value in your company and keep cybercriminals out.

Find out more about how our seasoned accounting professionals have helped other businesses like yours. 
Comments

    SUBSCRIBE:

    DOWNLOAD:

    The Ultimate New Business Formation Checklist

    DOWNLOAD:

    Accountant Evaluation

    Categories:

    All
    Accountant
    Accounting
    Accounting Systems
    Audit
    Bank Reconciliation
    Benefits
    Bookkeeper
    Bookkeeping
    Brand
    Budgeting
    Business Analysis
    Business Trends
    Cash Flow
    Change Management
    Checklist
    Closing The Books
    Colorado
    Community
    Contracts
    Controller
    Depreciation
    Ecommerce
    Economy
    Finance
    Fraud
    Government
    Hack
    Hiring
    HR
    Infographic
    Internal Controls
    IRS
    Laws
    Leadership
    Legal
    Local Economics
    Manuals
    Market Trends
    News
    Nonprofit
    Online Bookkeeping
    Oregon
    Outsource
    Payroll
    Payroll Taxes
    Planning
    Procedures
    QuickBooks
    Record Keeping
    Recruiting
    Recruiting Market Reports
    Remote Workforce
    Reporting
    Restaurants
    Risk
    Sales Tax
    Scam
    Security
    Small Business
    Social Media
    Software
    Startup
    Statistics
    Strategy
    Taxes
    Technology
    Time Management
    Washington State

    Archives:

    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    June 2015
    February 2013
    October 2012
    November 2011
    May 2011



    RSS Feed

Services

Accounting Services
Recruiting Services

​

Company

About
Oregon Team
​Washington Team
Colorado Team
Clients


Support

Contact
CC
FAQ
​Resources
​Blog
​

ASP

Your resource for accounting & recruiting services. Serving Seattle, Bellevue, Redmond, Kirkland, Portland, Beaverton, Hillsboro, Lake Oswego, Denver, Lakewood, Aurora and more.
Contact us today for a free,
no-obligation consultation:
Toll Free (800) 931-6557
WA (425) 492-1901
OR (503) 473-0122
​CO
(720) 572-8211
info@asp-nw.com
© COPYRIGHT ASP - ALL RIGHTS RESERVED 
 A CFO Selections Company
Privacy Policy