Brought to you by
Bright full colour logo
Bright was created in 2021 when Thesaurus Software Ltd. and Relate Software Ltd. decided to join...
Save content
Have you found this content useful? Use the button above to save it to your profile.

Cybersecurity, the cloud and AI: What you need to know 

21st Mar 2024
Brought to you by
Bright full colour logo
Bright was created in 2021 when Thesaurus Software Ltd. and Relate Software Ltd. decided to join...
Save content
Have you found this content useful? Use the button above to save it to your profile.

The digital accounting revolution has been a huge benefit for the efficiency, service and growth of accounting firms. However, it has also created a new world of vulnerabilities for bad actors who target businesses online. 

As digital tools become more integrated into the fabric of business operations, the emphasis on cybersecurity has never been more critical. For accountants, who handle sensitive financial data, this amounts to a new level of responsibility and awareness. Cyberattacks, phishing schemes, and data breaches are on the rise – a report from the end of 2023 found that 20% of businesses had been victims of cyberattacks in the past year, being 67% more likely to have experienced a cyber incident than a physical theft. But with the right tools and processes in hand, accountants can be prepared.  

Threats in a cloud world 

The shift to cloud accounting has been transformative, offering scalability, efficiency, and remote access. However, it also introduces specific risks such as data interception, unauthorised access, and service disruptions.  

Accountants play a crucial role in safeguarding their firms and clients against these threats, necessitating a deep understanding of cloud infrastructure and potential vulnerabilities. The latest government guidance on this issue – the new Cyber Governance Code of Practice demands that firms not only fortify their cybersecurity measures but also ensure they are aligned with national standards and best practices. 

As with most compliance issues, there is a high chance that the burden will fall on accounting firms when it comes to keeping SMEs compliant. With stringent measures on the horizon, now is the time to review and enhance your cyber governance strategies.  

This means adopting a holistic approach to cybersecurity, encompassing risk management, incident response planning, employee training, and the secure development and deployment of secure digital tools. This raises the bar for firms when it comes to software selection, client advice and workflow management. But it also creates an opportunity to take a leading role with clients in this fast-moving landscape. 

AI and risk 

Artificial Intelligence (AI) has been one of the most dynamic technology stories of recent times. While software providers have been implementing AI and Machine Learning (ML) elements in products piecemeal for years, the launch of consumer facing tools like ChatGPT has thrown fuel on the fire, giving anyone the chance to use powerful AI tools. 

This presents a double-edged sword in cybersecurity. While it can fortify defences by identifying unusual patterns and predicting potential breaches, AI systems themselves can be targets of sophisticated cyberattacks. For firms using AI tools to process client data, this involves understanding its limitations, ensuring transparent data handling processes, and maintaining up-to-date security protocols to mitigate risks. This may include: 

  • Policies for what data can be used with AI tools 
  • Processes for anonymising client data 
  • Training for clients on when and how to use AI tools 

How to talk to your clients about security 

Accountants need to take a proactive role in keeping clients safe. And as with many security issues, the biggest threat for your clients may be themselves. Scams such as phishing attacks often rely on gaining a client’s trust to make them give up sensitive information voluntarily. It’s essential therefore to make sure your clients are aware of the risks – after all, the robust security in the world doesn’t mean anything if your client gives up their password. 

Client communication about cybersecurity should be clear, instructive, and reassuring.  

  • Educate clients on common risks, such as social engineering and ransomware. 
  • Emphasise the importance of a collective approach to security.  
  • Developing and sharing a robust security policy can guide clients in adopting best practices and understanding their role in the cybersecurity ecosystem. 

Making software an ally 

Choosing the right technological solutions is integral to cybersecurity. Vendors should be questioned about their security measures, data handling policies, and compliance standards.  

Accountants should also advocate for solutions that offer layered security features like two-factor authentication (2FA) and controlled access mechanisms.  

One of the most vulnerable areas of any workflow is data in transfer. That’s where integrated, API-enabled solutions, like the Bright accounting suite can make a huge difference. By minimising the scope for manual data transfer methods—such as emails or spreadsheets— accountants can keep sensitive data secure in transit, while saving time on manual processes.  

Taking a proactive approach to cybersecurity 

As custodians of businesses’ financial data, accountants are on the forefront of the fight against cyber crime, whether they want to be or not. This doesn’t necessarily mean that advisors need to suddenly become experts in cybersecurity, but it does mean taking a level of responsibility. 

That starts with secure tools and processes. To find out more about how Bright keeps our customers safe, why not book a call with one of our security experts. 

Book a demo  

Written by | Bright

 

Related Articles: