Managing cyber risks and attacks

A robust plan will minimise business interruption and reputational damage

Recent incidents point to accountants facing an increasing risk of their IT systems being hacked. In 2016, for example, Deloitte was the target of an attack that compromised the emails and plans of some of the firm’s blue-chip clients. 

Lines of defence

Accountants’ sensitive data makes them a prime target for hackers looking for data they can then monetise. Firms should split their cyber defences against such attacks between:

  • risk management
  • post-breach damage/crisis management.

To optimise your cyber risk management, it is vital to run the latest versions of software – in particular browsers and operating systems – and keep them up to date. This can be achieved by taking the following simple steps:

  1. Identify all the software used on your systems – it’s easy to focus on Microsoft, but Adobe, Apache and so on must also be considered.
  2. Monitor the release of new patches from vendors (specifically security rather than feature ones) and apply them as soon as feasible. The vendor will often assign a criticality that will help you identify the severity of the issue.
  3. Deploy vulnerability scanning to ensure the patches have actually been installed.
  4. It’s also important to train your staff to recognise the warning signs and avoid becoming victim to social engineering and other common cyber-criminal tactics. The following practices may help you to reduce security breaches that relate to human behaviour:
  • Create a security policy that clearly outlines your company’s rules regulating the handling of data access and passwords, use of security and monitoring software and so on
  • Make your employees aware of risks that their actions can pose to your company’s security, and educate them on how to best handle work in a secure manner.
  • Apply the principle of least privilege. Deny all data access by default and allow it whenever needed on a case-by-case basis.

Speed and accuracy

If you do incur a cyber breach, the speed and accuracy of your response can make all the difference.

The more planning your company does before a breach, the better your chances of minimising the business interruption and reputational damage that can ensue. Ensure any PR and communications resource you have plays an integral part in the pre-breach planning process.

Following a breach, a company invariably feels a tension between the need to communicate with customers quickly and the need to communicate accurately. To optimise the chances of striking the right balance, it’s vital for a company to involve a range of stakeholders in the pre-breach planning stages. (See ‘Cyber breach planning: building your A-team’ for more analysis.)

This should ensure that the timing and extent of your communications to third parties is a business decision that has factored in the various implications, and not just those of one or two divisions.

Typically you can retain customers’ business if they feel that you have communicated with them the cause and effects of the breach quickly, accurately and openly, and have put them first throughout this process.

Lockton has produced six posters that can be distributed within your practice or clients to help raise awareness of various risks.

For more information, please contact Lockton’s dedicated ACCA team on 0117 9065057 or email