The accountancy profession in particular may be viewed as a key target by cyber criminals and fraudsters. As a result, it is essential that financial institutions understand the risks posed by cyber-attacks and have the correct procedures and systems in place to effectively combat them.
Practices should routinely check for updates to their computer operating systems: installing the latest security patches from the program vendor and ensuring that automatic updates are switched on can help protect your devices from unwanted viruses and malware. It is recommended that firms do not make use of unsupported, or ‘jailbroken’, operating systems, as these may increase your liability to a cyber-attack. You should only use systems that receive regular security updates.
Ensure that your practice has a reliable antivirus program installed on any devices belonging to the firm. It is important to make sure that this is kept up to date, and to run your antivirus software regularly: this will help to iron out any malicious viruses that may be lurking in your computer operating systems.
Knowing how to spot a scam email from a legitimate one is essential. Key tips for spotting a dishonest email include reviewing the spelling and grammar of the piece: are words spelt incorrectly? If so, question the email’s validity. It is also strongly advisable to refrain from clicking on links or attachments in emails that appear suspicious, as these may direct users to scam websites or install harmful viruses onto your device or operating system. If you are unsure about an email, simply delete it.
To help minimise the consequences of falling victim to a cyber-attack, firms should enquire into purchasing cyber protection insurance. This type of insurance will help firms to recover costs in the event that they are targeted by cyber criminals.
Make sure that any essential data stored on devices or computers is adequately and regularly backed up. The Federation of Small Businesses (FSB) recently published cyber security guidance for small businesses, outlining that, if your essential data is backed up, and is backed up to a storage device that is located on an alternative network to your usual one, ‘data cannot then be held to ransom’.
Where can I learn more?
The government-backed National Cyber Security Centre (NCSC) website contains useful information for practices and individuals on how to protect against debilitating cyber-attacks and stay safe online. For more information, please visit www.ncsc.gov.uk.