SmartVault Chief Information Security Officer Luke Kiely led a conversation during the MACPA's monthly town hall meeting on Aug. 20 that focused on cybersecurity and key ways in which CPAs can protect themselves, their organizations, and their clients. If you missed the meeting, here are three key takeaways:

1. Don't let your guard down

Most cybercriminals are not geniuses. They are ordinary criminals who exploit people who make simple mistakes. Arguably, these breaches are among the most dangerous because they are mundane in nature. They’re the result of victims not having the right security safeguards in place.

The Venn diagram of cybersecurity is an overlap of people, processes, and technology. If any one of those things is missing, there will be a gap in your security.

2. Vet your vendors

CPAs are among the best professionals to help clients become more secure because they are analytical and risk-aware. As a result, they need to be absolutely ruthless about their vendor due diligence. "You’re effectively putting client data into someone else’s hands," Kiely said. "You need to be absolutely certain that when a vendor says 'We’re secure,' they mean it."

3. Security starts with education

You need a cyber-aware workforce, and that starts with training your people to not just detect threats but to react to them. Your cybersecurity training needs to be real, relevant, and continuous.

If you'd like to watch the August town hall meeting in its entirety, it will be replayed at 9 a.m. ET on Sept. 3. Get details and register here.

LEARN MORE

Kiely suggests the following resources for news, guidance, and compliance information:

• Does Your Written Information Security Plan Comply With Federal Law?
• The Tax Pro's No-Nonsense Guide to Cloud Security
• Ransomware Prevention Guide
• Read: Your Firm's Guide to Managing Your Managed Service Providers
• Read: 10 Actionable Steps for Improving Cybersecurity in Accounting Firms
• Listen: From Paper to Practice — a Spotify podcast covering cybersecurity, compliance, and risk management for accounting professionals

Government / compliance resources

• Cybersecurity and Infrastructure Security Agency (CISA)
• National Institute of Standards and Technology (NIST)
• International Association of Privacy Professionals (IAPP)
• Lexology

More RESOURCES

• Download slides from the August meeting.
• View the results of our polling questions.
• Watch past town halls (without CPE) at MACPA.org/new-townhalls.
  
  
• MACPA’s cybersecurity programs: Our on-demand webcasts and webcast replays offer deep knowledge of cybersecurity risk management, frameworks, regulations, and related topics. Find your program here.
  
  
• Special thanks to the team at SmartVault for sponsoring the meeting. One of the MACPA’s newest partners, SmartVault is a secure document management solution and client portal built for accountants. Visit SmartVault.com to learn more about how they can help you.