The 2022 American Cybersecurity Landscape
Cybersecurity risks are a serious threat to businesses of all sizes. The Colonial Pipeline ransomware hack in May of 2021 showed the sizable ramifications of one leaked password on a business.
81% of the breaches in the financial services industry in 2021 were due to human error. Social engineering and phishing attacks, along with emails sent to the wrong recipients, were identified as the top breach causes for accounting firms in Verizon’s Data Breach Investigations Report.
The government and regulatory bodies have been actively developing new compliance policies to help address the increasing cybersecurity threat. Let’s examine the current regulation in the US:
IRS 4557 Guidelines
The IRS have released guidelines for CPAs to follow to secure their firms to a necessary high standard.
Some of the most pertinent recommendations are:
- Have security software in place and securing your networks
- Create strong passwords and employ Multi-Factor Authentication
- Spot data theft by training your employees in basic cybersecurity and ensuring they are aware of popular scams.
Practice Protect offers a Data Security Plan to help address these guidelines.
Executive Order ‘Improving Our Nation’s Cybersecurity’
In response to geopolitical tension and increased sanctions against Russia, there has been a resulting increasing in cyber attacks. The US government responded this year with a mandate from the White House reminding firm owners to be cognizant of cyber risk and to protect systems.
The E.O. contains recommendations such as using Multi-Factor Authentication, encrypting data, and educating employees when it comes to cyber risk.
Learn more about the government’s recommendations around businesses cybersecurity.
Safe Harbor Laws
To encourage businesses to take cybersecurity more seriously, cybersecurity safe harbor laws are being rolled out at a state level. These laws offer a legitimate legal defense for businesses that are breached, provided they meet cybersecurity standards.
So far laws have been passed in Ohio, Utah and Connecticut.
Reduce your risk
As cybersecurity has become a necessity for accounting firms so too has compliance policies to ensure regulations are being followed and best practices met.
To learn more about the above or to understand your level of risk, book a demo with our team.