An Awareness and Action Plan to Combat Security Threats of Social Engineering

Share this content

In order to dedicate a sustained effort to ensuring clients’ information is safely used by the firm, accountants need to be vigilantly aware of, and trained to identify and mitigate, the risk of security breaches.

For accounting firms and its professionals who directly access, use, and transmit extremely sensitive data for their clients, the fallout from a data breach or cyberattack can be enormous given the high value of the information that is compromised. Bank accounts, Social Security numbers, financial history, employment information, and more – that is personally identifiable to an individual or company staff at large – is a very high-risk type of data to access, transmit, store, and retain over the long term.

One dangerous, yet unfortunately common, risk comes by way of “social engineering,” which is a tactic hackers use to trick victims with psychologically manipulative tricks. Accounting firms can risk their clients’ data without knowing and unwittingly be handing over data when their employees are tricked with social engineering tactics into downloading malware or entering data into fake sites. The prime vector for such attacks is phishing. 

In short, you need to provide employees with security awareness training and have an action plan in place to contain any damage.

Here are some strategic tips on how to combat social engineering tactics to protect your brand as a trustworthy accounting firm and to ensure your clients’ data is safely used within your firm: 

Policies, Education, and Awareness Training

The standard operating procedure of most accounting firms includes IT protocols that safeguard data. However, such policies are only helpful if they’re actually followed. And, in times of extremely busy seasons – from holidays to tax season – rushing to meet a deadline can often cause even the most well-intentioned professional to take a shortcut outside of the IT policy to be efficient.

Please Login or Register to read the full article

To access all of the content on our site, register (it's free!) or login to your existing account.

About Isaac Kohen

Isaac Kohen

Isaac Kohen is the founder and CEO of Teramind, an employee monitoring and insider threat prevention platform that detects, records, and prevents malicious user behavior.


Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.