Four crucial tips to protect your organization’s data
News
AICPA logo
Cart
searchSearch
search
burger
AICPA logo
  • Home
Person looking through a pair of binoculars
News

Four crucial tips to protect your organization’s data

2 years ago · 2 min read · AICPA Insights Blog

The cost of cybercrime is increasing at an alarming rate. By 2021, the estimated damages from cybercrimes will be around $6 trillion, according to Cybersecurity Ventures. What can your firm or organization do to ward off evil cyberthieves? Joel White, CPA, CGMA, and Senior Director of Internal Audit, Risk & Compliance at the Association, offers four simple tips to help your firm or organization beef up its cybersecurity defenses. Here’s a quick recap.

  1. Always remember to patch
    Timely patching is the key to an effective cybersecurity strategy. But what is a patch and what does it do? A patch is a piece of code that a vendor, such as Microsoft, sends to correct an operating system or software program problem.

    Copy of RAVE Cybersecurity '19 Patching Memes PURPLE

    To ensure timely patching, audit your software programs. Once you have inventory oversight, create a consistent and repeatable process to update systems with new patches as they’re released.

  2. Be aware of phishing scams
    Do you want to fight cybercrime? Teach your staff to avoid phishing scams — and that’s phish with a “p.” Phishing is when a fraudster uses deceptive emails and websites to steal personal data or information. Hackers make messages look like they came from colleagues and can include personal information pulled from out-of-office messages or social media.

    Copy of FB. Cybersecurity '19 Phishing Memes PURPLE (1)

    So how can you fight back? Education! Some tools such as Office365 allow you to “phish” your employees. If an employee clicks or taps on a link, make sure you incorporate learning so they know they’ve been phished and what to do next. This will help your staff identify suspect emails, potentially saving your organization from financial or reputational loss.

  3. Assess your cybersecurity risk
    With cybersecurity, knowledge is half the battle. One of the best ways to strengthen your firm or organization’s cybersecurity program is to assess your cyber risk. Start by talking to your leadership. Find out what data they value the most. Next, determine the location of the data. Is it at a vendor or in your data center? On which server does it live? Is it backed up? Once you know this information, you can assess common attack vectors used to target such data.

    Copy of FB. Cybersecurity '19 Risk Assessment Memes PURPLE

    THEN, you can get to the DOING! Determine what controls exist, if those controls apply to the highest risk areas and what new controls you could institute.

    Another tip: See if you even need the data! Companies often maintain data they no longer need. Again, knowing is half the battle.

  4. Use multi-factor authentication
    Multi-factor authentication is a security system that requires multiple forms of verification to authenticate a user. Have you tried to log in to your bank account from a new device? When you have to enter a security code sent to your phone, that’s MFA. It creates a layered defense, so even if an attacker hacks through one barrier, you’re still protected.

    Copy of FB. Cybersecurity '19 MF Memes PURPLE

    MFA is an easy and effective way to ward off potential cyberattacks. Talk to your IT professionals and executive leadership about why they should invest in MFA to protect their most important systems.

Remember that a failure to perform simple safety measures such as the ones Joel provided is one of the biggest reasons organizations become cyberattack victims. With the four above tips, you’ll take a few small but crucial steps toward protecting your company or firm from extreme financial and reputational loss. Do you want more cybersecurity tips? Register for our “Cybersecurity in 2020: What you need to know” webcast on Nov. 8 at 10:30am ET and earn 1 free CPE credit while you supplement your cybersecurity knowledge.

What did you think of this?

Every bit of feedback you provide will help us improve your experience

What did you think of this?

Every bit of feedback you provide will help us improve your experience

Mentioned in this article

Topics

Subtopics

Manage preferences

Related content