Cybercrime; a Threat to Finance Professionals
The Internet, computer and servers are requisite tools used by financial professionals and thus far are subject to unyielding attack. Across the world, finance professionals are encountering sober realities where the financial information which is the raw materials for their trade entail sensitive financial data of individuals and companies. These are the most desirable and prominent targets for cybercriminals and hackers. At the center of this threat are accountants since they work with data which is the personalized identifiable data targeted by cyber criminals.
Even then, while the activities demand strong accountants’ engagement, they are not necessarily as confident in their business arena putting daunting defense lines. Early in the year, members of the ACCA were put under survey by the Seidenberg School of Computer Science and Information. This included CFOs, managing director, senior VPs, associates and practicing accountants from big generalists as well as small public firms that are specialized. From their responses, there are deficiencies that have been identified which have left vulnerable their organizations. For example:
- 56 % of North American respondents were now concerned with cybercrime, unlike one year ago
- 17 % said that attacks were reported routinely to the senior executives while less than 50 % of these breaches were reported to enforcement of the law
- 32 % did not have any knowledge of company policies regarding encrypting data in storage or in transit
- 58 % of auditors are now more concerned of cybercrime compared to 48 % of accountants, than one year ago
- It is only 27 % of accountants who felt that their organizations adhered to the standards of Control Objectives for Information and Related Technologies (COBIT 5) while 43 % auditors were of the belief that their companies followed these standards
- Almost 50 % showed signs that it was likely to hire consultants after a breach
- In spite of this, almost 70 % said that there was high awareness level of cyber risk management in their companies concerning procedures and policies while 57 % maintained that their IT systems were very much protected against cyber threats.
The research revealed weak communication between senior and line managers with regard to attacks. Throughout some organizations, it was established that the management of fundamental risk application on cyber security practices were not consistently applied.