Cyber Security in Accounting 1

This document discusses best practices for cybersecurity in accounting. It outlines different types of cyber attacks like phishing, malware, and denial of service attacks. It recommends encrypting sensitive data, using multi-factor authentication, training employees on security awareness, backing up data regularly, and having an incident response plan. The document emphasizes that accounting handles confidential financial information, so cybersecurity is crucial to prevent attacks and safeguard data.

Uploaded by

mithun.manoj.332

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

64 views9 pages

Cyber Security in Accounting 1

Uploaded by

mithun.manoj.332

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 9

Title: Cyber-security in Accounting: Best Practice in

safeguarding sensitive data

Student Name: Mohammed Sajid Cp

SRN: R21CB060

17.11.2021
INTRODUCTION

1. Cyber-security refers to the measures taken to protect

computer systems, networks, and sensitive data from
unauthorized access, theft, or damage. In accounting,
cyber-security is of utmost importance as it involves
handling confidential financial information that must
be safeguarded against cyber attacks.
2. The increasing reliance on technology and the
internet has made cyber attacks more common,
sophisticated, and damaging. Accounting firms and
professionals must take proactive steps to prevent
cyber attacks and protect sensitive data. This includes
implementing strong passwords, firewalls,
encryption, multi-factor authentication, and regular
software updates and backups.

2
OBJECTIVES

1. Cyber attacks can take many forms and can have devastating consequences for accounting systems.
It is important to be aware of the different types of cyber attacks that can occur and take measures
to prevent them.
• Phishing attacks - These attacks use fake emails or websites to trick users into giving away
sensitive information like passwords or credit card numbers.
• Malware attacks - Malware is software designed to damage or disrupt computer systems. This can
include viruses, Trojans, and ransomware.
• Denial of service attacks - These attacks overload a system with traffic, making it unavailable to
users. This can be used to disrupt business operations or as a cover for other types of attacks.
• Man-in-the-middle attacks - These attacks intercept communication between two parties and can be
used to steal information or modify data.

3
BEST PRACTICES FOR
SAFEGUARDING SENSITIVE
DATA
• Encryption
• Encrypt all sensitive data in transit
and at rest to prevent unauthorized
access.
• Multi-factor Authentication
• Require multi-factor authentication
for all users to add an additional
layer of security.

4
EMPLOYEE TRAINING AND AWARENESS

• The Importance of Employee Training

• Employees are often the weakest link in the cyber-security chain. It is
important for all employees to be trained on the best practices for
safeguarding sensitive data and recognizing potential threats. This
includes regular training sessions and reminders about the importance of
cyber-security.
• Awareness of Cyber-Security Threats
• Employees should be made aware of the various types of cyber-security
threats that can occur in accounting, such as phishing scams and
ransomware attacks. They should also be trained on how to identify and
report potential threats to the appropriate personnel. 5
DATA BACKUP AND RECOVERY

1. One of the most important aspects of accounting cyber-security measures is data

backup and recovery. Backing up data is crucial to ensure that sensitive
information is not lost in case of a cyber-attack, system failure, or natural disaster.
2. In addition to backing up data, having a recovery plan in place is equally
important. In case of a breach or system failure, a recovery plan can help quickly
restore data and minimize downtime. It is important to regularly test the recovery
plan to ensure it is effective and up-to-date.
3. Not having a proper backup and recovery plan can result in permanent loss of
sensitive data, which can be detrimental to the accounting firm's reputation and
financial health. Therefore, it is essential to prioritize data backup and recovery as
a key component of accounting cyber-security measures.

6
INCIDENT RESPONSE PLAN

• Preparation
• Establish a clear incident response team and assign roles and responsibilities. Develop and regularly test an
incident response plan that includes procedures for identifying, containing, and mitigating incidents.
• Identification
• Establish procedures for detecting incidents, such as monitoring systems for unusual activity or receiving
reports from employees. Develop a clear definition of what constitutes an incident and establish criteria for
escalation.
• Containment
• Establish procedures for containing incidents, such as disconnecting affected systems from the network or
shutting down affected services. Establish criteria for determining when to escalate an incident to the next
level of response.
• Mitigation
• Develop procedures for mitigating the impact of incidents, such as restoring systems from backups or
applying patches to vulnerabilities. Establish criteria for determining when an incident has been fully
mitigated and can be closed.
7
CONCLUSION
We've learned about the dangers in the
digital world, how to actively defend
against them, and why following the rules
is crucial. Remember, trust is like our
treasure, and we've uncovered ways to keep
it safe. By understanding the risks and
using strong strategies, we're creating a
shield for our important data. As we end
our talk, let's keep this cybersecurity
mindset alive, protecting our digital world
like superheroes guarding a valuable
treasure.