• Home
  • About Us
    • Our Team
    • Our Mission
    • Testimonials
    • Service Areas
  • Services
    • Tax Services
    • Audit & Assurance
    • Accounting
    • Litigation Support
    • Valuation Advisory
    • Forensic Accounting
    • Business Consulting
  • Resources
    • Client Center
    • Online Tools
    • Important Sites
    • Timely Opportunities
  • MBA News
  • Careers
    • Senior Tax Accountant
    • Tax Manager
    • Bookkeeper / Accountant
  • Contact Us
  • Facebook
  • Google+
  • Linkedin
  • Savvy
  • Twitter
  • Home
  • About Us
    • Our Team
    • Our Mission
    • Testimonials
    • Service Areas
  • Services
    • Tax Services
    • Audit & Assurance
    • Accounting
    • Litigation Support
    • Valuation Advisory
    • Forensic Accounting
    • Business Consulting
  • Resources
    • Client Center
    • Online Tools
    • Important Sites
    • Timely Opportunities
  • MBA News
  • Careers
    • Senior Tax Accountant
    • Tax Manager
    • Bookkeeper / Accountant
  • Contact Us

Blog Post

Minimizing Your Risk of Cyber Breach

18 May 2015
Comment are off
MBA Site Administrator
Cyber Breach in St Petersburg Florida

Concerns about cyber threats disrupting core operations are now a top operational risk. During a May 8 question-and-answer session, Securities and Exchange Commission Chair Mary Jo White called threats to cyber security “the biggest systematic risk we have facing us.” She went on to say, “I don’t think we can give it a high enough priority in terms of trying to assess the risks that are there, assess the vulnerabilities, [and] clearly come up with strategies that best prevent, detect and then respond to cyber attacks.”

Take a Proactive Stance

Given the impact that breaches can have and the level of sophistication shown by perpetrators in recent breaches, it’s not a matter of if a breach will occur, but when and how it will occur.

Cyber data — including financial data, sensitive customer information and employee records stored on the cloud or on the company’s technology devices and networks — is one of the most valuable assets many companies own. Each year, management should evaluate what’s being done to protect these intangibles, where vulnerabilities exist and how to make the assets more secure. Here are some cyber protection best practices for you to consider.

Think Big (and Small)

Many hackers operate overseas, making them harder to identify and prosecute. So, think globally when assessing your cyber breach risks.

However, hacks are often perpetrated through the victim’s small or midsize vendors. That’s because smaller companies often lack the resources to put strong security measures in place — and hackers are ready, willing and able to take advantage.

Consider the 2013 high-profile security breach that caused Target to lose 40 million credit and debit card numbers. Hackers reportedly obtained information through a third-party heating and air conditioning vendor, which had access to the retailer’s computer network. The stolen credit and debit card data was then moved to a server in Russia.

Many other cyber crime incidents have also reportedly been linked to vendors with lax security.

Some companies limit outside access to their computer networks, refusing supplier and customer requests to share data. Others require vendors to verify their network security protocols. Some companies are establishing cyber security ratings — similar to credit scores — based on the amount of traffic to a company’s website coming from servers that are linked to cybercrime. As those ratings become more refined, managers may choose to avoid doing business with high-risk customers and suppliers.

Engage in “Cyber Hygiene”

Protecting against cyber threats is an ongoing challenge, not a one-time event. Every time a software, hardware or application manufacturer releases an update or patch, install it immediately on every device in a systematic fashion. Why? Hackers constantly troll for the latest patches and updates because they show where vulnerabilities exist. If hackers are nimble, they can exploit these vulnerabilities to steal data before customers have a chance to install the fix.

Another useful prevention strategy is requiring periodic changes to log-in passwords. Hacked passwords can cause a domino effect, because people tend to use the same password for multiple accounts. For example, when Adobe lost 33 million customers’ log-in credentials, other websites discovered that their accounts were being accessed using passwords stolen from Adobe. Some companies also use a security question or require users to select a preferred image to add another layer of identity verification.

Limit Access

Companies often have more devices connected to the Internet than management realizes. Moreover, when employees take devices out of the office, they expose data to less-than-secure home networks and public hotspots that provide wireless Internet access. Evaluate which devices need to be connected to the Web and take steps to minimize off-site risks. Consider limiting which employees can work from home, educating employees about the risks of cyber breaches and installing encryption software on devices that link to external networks.

Encryption may create compatibility issues when sharing data with other companies and slow down data transmission. But it can be a powerful and cost-effective tool in the battle against cyber crime.

Seek Outside Help

Cyber security is an important task that few organizations can handle exclusively in-house. Consider seeking outside help to reinforce your current information technology (IT) policies and procedures. For example, a growing number of small and midsize companies use outside computer security companies to evaluate vulnerabilities in their network and test how well in-house IT professionals are securing their networks.

Another popular security measure is cyber liability insurance. Professional and general business liability insurance policies generally don’t cover losses related to a hacking incident. Cyber liability insurance can cover a variety of risks, depending on the scope of the policy. It typically protects against liability or losses that come from unauthorized access to your company’s electronic data and software.

Instead of purchasing a standalone cyber liability policy, you can add a cyber liability endorsement to your errors and omissions policy. Not surprisingly, the coverage through the endorsement isn’t as extensive as the coverage in a standalone policy.

In addition, external auditors can help companies evaluate their exposure to cyber breach risks. Risk assessment is an important part of year end audit procedures, so CPAs are familiar with ways to identify and reduce cyber breach risks. Failure to protect valuable intangibles against the risk of cyber breaches can turn this valuable asset into a costly liability.

 

© Copyright 2015. All rights reserved.
Brought to you by: McClanathan, Burg & Associates, LLC

About the Author
McClanathan, Burg & Associates, LLC. is a full service accounting firm. Our team members provide services including: Tax, Audit, Assurance and Accounting, Estate and Trust, Forensic Accounting, Litigation Support and Business Valuation.

Social Share

  • google-share

Search

RECENT NEWS

  • IRS Extends the Tax Filing and Paying Deadline for Individuals
  • Do you know the tax impact of your collectibles?
  • Making 2017 retirement plan contributions in 2018
  • When an elderly parent might qualify as your dependent
  • AMT Calculations: It’s Showtime

Categories

  • MBA Events
  • MBA News
  • Opinion & Editorial
  • Resources & Tips

Archives

  • March 2021
  • February 2018
  • January 2018
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • November 2013

Social Media

Facebook
Linked In
SavvyCard
Twitter

“Best
Congratulations to this year's honored business!
Featured in the Tampa Bay Times.
Click here to view my profile >>

Categories

  • MBA Events
  • MBA News

Archives

Sign Up For Newsletter

First Name:
Last Name:
Email Address (required):
Company:
Phone Number:
© 2014 McClanathan, Burg & Associates, LLC | Website Design by ThinkTankConnect.com

Send to Mobile

Text or Email McClanathan, Burg & Associates online business card to your mobile device using the form below
From the card you will be able to:
  • Get turn by turn directions to the company's office
  • Access a visual company directory of employee cards
  • Call, email or text the company
  • Share/Refer the company to others
  • Save the card to your phone's home screen for future access