Cybersecurity: Who’s responsible anyway?

Cybersecurity: Who’s responsible anyway?

Cybersecurity threats are increasing by the hour. In 2018 alone, the IRS reported 1.4 billion online attacks on their systems. Phishing attacks, when an attacker masquerades as a trusted party to dupe you into opening a malicious link or email, increased by 60% this past year. As for 2019, cyber scams are expected to reach an all-time high. As our business, health, and financial information continues to migrate online, it begs the question — who is responsible for keeping client data safe?


The current state of cybersecurity.

Cyber crimes are growing in number and sophistication. As security efforts move to keep up with bad actors, cybercriminals need more and more personal information to impersonate taxpayers. As a result, hackers have dialed in on tax professionals as a preferred target. With increasing popularity, data security is a must for all tax professionals. Everyone has a role to play in protecting sensitive information. From firm partners to solo practitioners, every finance professional should be aware of the latest cybersecurity threats and prevention tactics.


What firms should bring to the table.

The majority of consumers pinpoint firms as the responsible party when it comes to keeping information safe. According to a PWC survey conducted in late 2017, 92% of consumers agree that companies who handle personal information should prioritize data protection. The IRS agrees. Firms are required to stay compliant with IRS regulations, including how and where they send client information. For example, Publication 4557 states, “if you must transmit sensitive data by email over the internet, be sure to encrypt the data.”

Not only is protecting taxpayer data a requirement, it’s good for business. 85% of consumers avoid companies with questionable security practices, and consequently take their business elsewhere. For a firm, a security breach can inflict just as much damage to your reputation as to your data, snowballing into a loss of clients and income. Bottom line: data security protects your clients and your business.


Building trust in the cyber Wild West.

People understand that the internet can often resemble the Wild West. With a countryside full of cyber bandits, some level of threat is inevitable. 69% of consumers assume companies are vulnerable to cyberattacks, meaning clients recognize the risks of the internet and acknowledge that a cyber threat could affect anyone. What it comes down to is how a company proactively prevents and reacts to security threats. In addition to being compliant with standard security regulations, companies need to build trust and integrity with their clients. Placing cybersecurity and customer privacy at the forefront of your business strategy — and backing it with proven security tactics — will help address consumer concerns and cement customer loyalty.


Who’s responsible? Everyone.

At the end of the day, both taxpayers and firms need to stay vigilant year-round. Clients should take proactive steps to maintain strong passwords with multi-factor authentication and stay up to date on password best practices. As a firm, keeping up with security compliance regulations and employing secure, invite-only file sharing and messaging tools like Liscio will help keep client information safe and build the necessary trust for long-lasting customer relationships.