Cybercrime is becoming too pervasive for accountants to ignore, according to a new report from the Institute of Management Accountants and the Association of Chartered Certified Accountants.
The joint IMA and ACCA study, “Cybersecurity – Fighting Crime’s Enfant Terrible,” assesses the global cyber-threat landscape, tracks current and future cybersecurity trends and focuses on areas that are most likely to have a direct impact on the future of the accounting profession.
“Accountants and finance professionals should always be mindful of the old saying: ‘a fool and his money are soon parted’. Now, and for as long as the profession heavily relies on computers, no one can afford to be a cyber-fool,” said the report.
Accountants and finance professionals can, and should, play a leading role in defining key areas of a strategic approach to mitigating cybercrime risks, according to the report. These include creating reasonable estimates of financial impact that different types of cybersecurity breaches will cause, so that a business can be realistic about its ability to respond to an attack and/or recover from it. Accountants and finance pros can also help organizations define a risk management strategy and set priorities for the digital resources they consider most valuable.
“When establishing a plan it is important to be realistic about the resources at your disposal so you can deploy them appropriately,” said IMA vice president of research and policy Raef Lawson in a statement. “To be effective, implement a ‘layered’ approach to cyber security that establishes priorities for your most valuable digital resources.”
Accountants and finance pros should also closely follow the work of government and various regulators, in order to have the latest information on legislation and requirements for adequate disclosure and prompt investigation of cybersecurity breaches, the study recommends.
“Exploitation of the myriad weaknesses within cybersecurity is now being perpetrated by a rogues gallery of hostile nation states, digitally enabled terrorists, conniving competitors, organized crime syndicates, hacktivists and even the odd disgruntled employee,” said Faye Chua, ACCA’s head of business insights. “From health records to credit cards, individual pieces of confidential data are fetching up to $45 per unit on the black market. With databases holding millions of records now commonplace the consequences of a breach have become too serious to ignore.”
Cybercrime is not a new phenomenon. The report traces back the history of the computer-related crimes to the early 1970s, when an employee of the Park Avenue branch of New York’s Union Dime Savings Bank used a computer to syphon over $1.5 million from hundreds of customers’ bank accounts. Fictional depictions of cybercrime date back even earlier, including the 1969 caper movie “The Italian Job,” in which a gang of British rogues pull off a gold bullion robbery by disrupting the traffic of central Turin, planting a virus in the mainframe computer that controls the Italian city's traffic lights and using gadgets to disrupt the closed-circuit TV cameras that monitor traffic.
The authors argue that cybersecurity is no longer a purely technical issue. A cyber-breach’s impact can spread across every aspect of a business and often involves operational, reputational and financial damage, in addition to regulatory penalties.
The report is available at