March 21, 2022

Proactively Preparing Your CPA Firm’s Data Security During a Global Crisis

Does your CPA firm have an emergency preparedness plan in case of a cyberattack? Given the United States’ recent response to the conflict overseas, cybersecurity experts are warning of retaliation against the U.S. by opposing countries, especially cyberattacks targeting U.S. financial institutions.

Knowing the threat of retaliatory cybersecurity is a real concern, it is critical CPA firms continue to improve their cybersecurity measures. Accounting firms need to be ready to implement proactive strategies to protect their data security in the event of a comprehensive cyberattack. We’ll review what CPA firms can do to protect their data and information security. We’ll also examine the important questions C-suite executives and IT professionals should be prepared to answer in the event of a global cyberattack. 

U.S. Government Recommendations to Protect Organizations from a Global Cyberattack 

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has developed a website to offer guidance to organizations of all scopes to take steps to improve their cybersecurity. This information is in direct response to concerns that threats may be made against the U.S. and its allies with cyberattacks in response to the conflict overseas. Below are mitigating steps CISA recommends to defend against possible global cyberattacks, applicable to CPA firms.

  • Prepare your organization. Confirm reporting processes and minimize personnel breaks in IT security. Cybercriminals are known to target organizations on holidays and weekends, when there are gaps in organizational cybersecurity. Have a cyber incident response plan, resilience plan, and continuity of operations plan, to ensure critical functions and operations can remain running if technology systems are disrupted.
  • Increase your organization's cyber posture. Maintain industry best practices for identity and access management, protective controls, vulnerability, and configuration management. 
  • Implement multi-factor authentication. Develop an authentication system which requires more than one distinct authentication factor such as something you know (password), something you have (cryptographic identification device) and something you are (biometric). 
  • Use antivirus software. It is recommended organizations use industry recommended antivirus programs. Organizations should program antivirus/antimalware programs to conduct regular scans. Cetrom provides comprehensive state-of-the-art anti-spam/antivirus prevention and protection. 
  • Create internal contact lists and surge support. Assign primary contacts for a suspected incident as well as roles and responsibilities for specific staff. Confirm personnel know how and when to report incidents. 
  • Patch all systems. Focus on patching any known, exploitable vulnerabilities. 
  • Store data and information in encrypted databases. Data can be very susceptible to cyberattacks, so storing it in an encrypted database can deter cybercriminals from accessing the information. 
  • Remain vigilant on potential cyberthreats posed by international threats. Increase organizational attentiveness and receive notifications from CISA regarding security threats. 

Hackers outside of the U.S. have significant cyberattack capabilities, which have been employed historically involving ransomware attacks, data theft, destructive malware, and denial-of-service attacks. Accounting firms are prime targets for cybercrime for specific reasons due to all the sensitive, confidential, and potentially lucrative information they have in their systems. 

Why Would Global Cybercriminals Target CPA Firms? 

CPA firms are prime targets because of the sensitive, confidential, financial information accounting firms amass. Hackers target CPA firms for explicit information and then use the data to steal assets, ransom it or sell the data to the highest bidder.

  • Obtain confidential, personal data. Cybercriminals seek client data from CPA firms such as birthdays, addresses, Social Security numbers, and other personal information. The data is used to target and steal from specific clients or to sell the data to other criminals who specialize in identity theft. 
  • Attain financial information. Cyberattacks on accounting firms seek specific account numbers, tax records, credit card information and employee identification numbers. 
  • Gain tax records. Cybercriminals file fraudulent tax returns from information obtained from CPA firms. They steal tax returns and use the information for additional identity theft. 

What Can CPA Firms Do To Combat the Threat of Global Cyberattacks? 

Accounting firms have significant responsibilities to protect their clients’ information from potential global cybercriminals. Adhering to the CISA guidelines is an important proactive plan for CPA firms. More specific cybersecurity strategies are examined below.

  • Investigate cyber insurance. C-suite executives should determine if specific cybercrime insurance coverage includes state-sponsored cyberattacks such as what might be initiated by outside threats. 
  • Review business continuity plans or recovery plans. Make sure the CPA firm’s continuity or recovery plan is up to date and ready to be implemented in a global crisis. Question: if the accounting firm’s IT systems go down, how can accounts be managed and communication continue with personnel and clients. Make sure important contacts are up to date and available as a backup plan. Examine how the CPA firm would obtain backup of their extensive data.
  • Examine the CPA firm’s supply chain. Determine whether the firm does or does not have a hidden dependence on internationally-based software engineers, code writers, or hosted services that are tied to overseas conflict. 
  • Empower the firm’s teams to reach out to IT professionals. Encourage personnel to connect with peer networks, vendors and the FBI to mitigate cyber intrusion. Support communication with intelligence personnel at peer companies, as well as local and federal government agencies monitoring ongoing global threats. Keep up to date with CISA information. 
  • Encourage a “security mindset” in employees. Ensure passwords are strong, require multifactor authentication, and remind personnel phishing is still the most common cyberattack modality. 

During a global crisis or global cyberattack, implementing an interconnected business continuity plan and a cohesive organizational plan with effective communication is imperative. The CPA organization should encourage various supporting teams to work together to strategize and proactively plan for cybersecurity measures. 

How Can Cetrom Support CPA Firms to Proactively Prepare for Global Crisis?

Cetrom offers a multilayered security approach, designed to protect CPA firms from cyberattacks—even global, state-sponsored attacks. C-suite executives and tech professionals understand the necessity of having a cloud-based solution for cybersecurity needs, particularly during these uncertain times of international conflict.

Cetrom is a well-established IT provider with the expertise and knowledge to prevent, detect, and combat destructive viruses, malware and ransomware, regardless of the nefarious cybercriminal’s locale or motivation. Cetrom’s expertise is focused 100 percent on the cybersecurity of CPA firms. Their specialty is hosting accounting-specific operations, especially in storing and protecting sensitive data. Cetrom offers advanced artificial intelligence security technologies. They provide cybersecurity training for employees, ongoing network support, and 24x7x365 cloud accessibility.

Concluding Thoughts

The recent tragic events overseas has the world in a heightened sense of awareness of the potential damage cyberattacks could levy on organizations. C-suite executives and IT professionals recognize the imperativeness of focusing energies on cybersecurity during these unstable global times. They also know that the professional support and proactive preparedness they can provide to their CPA firms are positive steps in addressing the potential crisis facing the world.  

Contact Cetrom today to learn more about how we can help answer your cybersecurity questions and implement state-of-the-art security measures for your CPA firm. 

Contact Us

AI and Tax Preparation: Opportunities and Risks for Accounting Firms

Artificial Intelligence (AI) is revolutionizing industries worldwide, and accounting is no exception. Tools like ChatGPT and Microsoft Copilot are..
November 25,2024

Cetrom Support fixed all of my problems, their engineers are very professional, courteous, friendly and very efficient. If all customer service out there was like this, it would be a better world...

- Mid-sized
View All

One of the things we appreciate wholeheartedly about working with Cetrom is how great the people in the service area are and the high-level of responsiveness we have received. I’ve been very pleased..

- Mid-sized
View All

Cetrom’s services and support really stood out against the other cloud vendors. We thought their Citrix delivery platform would have a higher level of adoption because our employees would have the..

- Mid-sized
View All

Our accounting services users working in the field have greatly benefited from our migration to the cloud. They’re now able to be much more efficient while working in a client’s office because they..

- Mid-sized
View All

The decision to migrate to the cloud was one of the best business decisions Rub & Brillhart has made. It required an investment, but we have determined that our year two IT costs will be reduced by..

- Midwest
View All

Our migration process with Cetrom was very smooth and we had an excellent experience with their support during the demo process. We have 24/7 monitoring on our onsite equipment and they have the..

- Small
View All

We are extremely happy with the service and support we receive from Cetrom. Our staff is more efficient overall in our day-to-day activities and we don’t have any downtime. It’s a good feeling..

- Mid-sized
View All

Cetrom is an extremely cost-effective option for IT services. Not only do we receive significantly improved customer service, but we were also able to add a new VoIP system, better internet service,..

- Mid-sized
View All

Because we use specialized software for CPAs, we were concerned about the migration process. Cetrom’s CEO reassured us that there’s no concern because they understand how the software operates in the..

- Mid-sized
View All

We use two programs that often posed a challenge for our previous IT providers. Cetrom handled the situation professionally, coordinated with the software vendors, did all the backend testing, and..

- Mid-sized
View All

After interviewing and reviewing the proposals from various IT providers, it was really a night and day comparison about price, service, and performance—Cetrom was just outshining the others on every..

- Mid-sized
View All

I just want to drop you a line and let you know how pleased we are with our move to Cetrom. Your people knocked it out of the park for us and are doing a great job getting us up and working. On our..

- Small-sized
View All

Because we use specialized software for CPAs, we were concerned about the migration process. Cetrom’s CEO reassured us that there’s no concern because they understand how the software operates in the..

- 97%
View All

Cetrom’s Cloud Computing offers a high-quality, reliable and secure alternative to traditional IT management and provides immediate access to all my IT resources whether I’m in the office, at home or..

- High-quality,
View All

blog Archives

See all

AI and Tax Preparation: Opportunities and Risks for Accounting Firms

Artificial Intelligence (AI) is revolutionizing industries worldwide, and accounting is no exception. Tools like ChatGPT and Microsoft Copilot are..
November 25,2024

Cetrom Support fixed all of my problems, their engineers are very professional, courteous, friendly and very efficient. If all customer service out there was like...

- Mid-sized
View All

Blog Archives

See all
Is Cetrom Your Cloud Services Solution?