Accountants, once known as mere “bean counters,” have now taken on a crucial role in the fight against cybercrime. The modern landscape of cybercrime includes activities such as stealing personal information, hacking into systems, spreading viruses, and deceiving individuals into divulging money or data through business email addresses. In Australia, the cost of a single cybercrime report in 2022 was shown to be A$39,000 for small businesses, $88,000 for medium businesses, and $62,000 for large businesses. Similarly, in New Zealand, direct financial losses from cybercrime reached NZ$6.6 million in the first quarter of 2024.
Despite the general guidance on cybersecurity, there is limited information on the specific role accountants can play in its detection and prevention. Traditionally focused on the financial aspects of a business, accountants are now at the forefront of responding to cyber threats. Research has shown that accountants, as the custodians of sensitive data such as tax records, payroll information, and business transactions, can significantly reduce the impacts of cybercrime.
A study conducted by experts in Australia and New Zealand involved 21 interviews with management accountants, cybersecurity specialists, legal professionals, and senior executives to explore the role of accountants in cybersecurity. The findings highlighted various key roles that accountants can undertake in the fight against cybercrime.
One of the primary roles identified is that of frontline protectors. Accountants are often the first line of defense in safeguarding organizations against different forms of cybercrime, such as business email compromises. They meticulously review email content and attachments, validate sender authenticity, and verify domain names to prevent fraud. Moreover, accountants control access to sensitive systems and data to ensure only authorized personnel have permission to financial records or payroll systems. By integrating cybersecurity practices into their daily tasks, accountants help mitigate the risk of cyber threats.
In addition to being frontline protectors, accountants also serve as strategic decision-makers in strengthening cybersecurity. They collaborate with the IT team to make informed decisions on cybersecurity investments, conducting cost-benefit analyses to optimize limited budgets effectively. Furthermore, accountants play a vital role in enhancing cybersecurity by making strategic decisions related to risk identification, risk management strategies, and cyber insurance premiums. Cyber insurance plays a crucial role in covering costs associated with cyber breaches, such as system repairs, customer notifications, and legal claims.
Another key role that accountants play is managing data policies within organizations. They establish rules and guidelines for managing data, determining retention periods, protection measures, and deletion protocols. By reducing unnecessary data, accountants help minimize the risk of data breaches while still retaining valuable information. Moreover, data policies aid organizations in complying with stringent privacy and data security regulations in Australia and New Zealand.
As the realm of cybercrime continues to evolve, it is essential for accountants to stay informed and updated on the latest developments. Participation in training courses, forums, and seminars on cybersecurity, programming, and emerging technologies like artificial intelligence is crucial for accountants to enhance their understanding of system management, data protection, and response to new cyber threats. In-house training tailored to accounting and finance teams, including simulated cyberattacks, can help accountants recognize and combat threats effectively in real-world scenarios.
To remain effective in the ever-changing landscape of cybersecurity, accountants must prioritize continuous learning and development of technical expertise. By expanding their knowledge and engaging in specialized training, accountants can effectively protect their organizations from the evolving challenges posed by cyber threats.