As members will be aware, the past year has seen an increase in cyber attacks. The sophistication of the attacks is increasing and threat actors are using techniques that are harder to spot.
According to the Office for National Statistics (ONS), people are more likely to fall victim to fraud or cyber offences than any other crime. Almost half of businesses (46%) and a quarter of charities (26%) report having cybersecurity breaches or attacks in the past 12 months.
The legal profession is seeing an increase in cyber attacks, and no doubt threat actors are looking at accountancy practices as a potential target. Ransomware attacks in particular are a growing threat.
What is cyber fraud?
Cyber fraud is any crime committed via a computer with the intent to corrupt personal or financial information stored online. The most popular cybercrimes are phishing scams, where a hacker attempts to obtain sensitive or personal information from a computer user, online impersonation and identity theft.
It is estimated that global losses from cybercrime skyrocketed to nearly US$1 trillion in 2020 as the coronavirus pandemic provided new opportunities for hackers to target both individuals and businesses.
Who can be affected?
Whilst cybersecurity threats, attack types and ramifications differ from company to company, the potential to experience a cybersecurity attack covers every business. Accountancy and finance teams, in all sectors and in all sizes of organisation, have access to sensitive data, making it a high-value target for cybercriminals.
It’s commonly believed that cybersecurity attacks only affect larger organisations. However, smaller firms are more likely to be targeted, as they are seen as softer targets. According to the ONS, one small business in the UK is successfully hacked every 19 seconds. Larger corporations will have larger resources to implement a strong cybersecurity strategy, whereas smaller organisations may not be able to commit to a similar level of investment.
Cyber attacks have the potential to cause financial loss and reputational damage for any business, and PwC has estimated that financial institutions are over 30% more likely to be targeted than any other sector.
Cybercrime and fraud are a threat to businesses of any size and cybercriminals often take advantage of human error, so it's important that every member of your team and your clients know how to protect themselves and the business.
What resources are available?
To support our members, ACCA has teamed up with our partners, the National Cyber Security Centre (NCSC), part of GCHQ, Wolfberry Cyber and Barclays to offer a range of guidance and support, alongside ACCA resources including articles and continuous learning courses.
To access ACCA and partner guidance and resources, please see our cybersecurity support packages.
ACCA fintech package
Our ACCA course, Cyber security: the role of finance leaders, is designed for finance leaders and their teams. The course requires no prior knowledge of cybersecurity and looks at cyber risk from a financial or business risk management perspective.
The course is based on Cyber and the CFO, a research report jointly commissioned by ACCA, Chartered Accountants Australia and New Zealand, Macquarie University’s Cyber Security Hub and Optus, and is part of ACCA's range of fintech CPD courses.
National Cyber Security Centre (NCSC)
The NCSC website contains a wealth of practical guidance to protect companies of all sizes, including:
Wolfberry Cyber
Wolfberry Cyber has teamed up with ACCA to offer resources, discounts and offers on cybersecurity services for ACCA members. Visit the ACCA member hub where you can access a free one-hour cyber health check.
Over the coming months we’ll be working on a ‘live hack’ virtual event and will let members have more information about this once it is available.
Barclays
ACCA has partnered with Barclays Bank to bring you a free 30-minute webinar covering:
- why cybercrime matters
- preventing social engineering to stop attacks before they start
- common cyber threats
- helping protect you and your business
For more information, please see 'Know your cyber and fraud risks'.