عرض العناصر حسب علامة : الأمن السيبراني
رسالة دكتوراه: نحو دور فاعل للمراجع الداخلي في إدارة مخاطر الأمن السيبراني في الشركات المقيدة بالبورصة المصرية
تلعب وظيفة المراجعة الداخلية الحديثة Internal Audit Function (IAF) دورًا حيويًا فى تحسين عمليات المنشآت، سواء الهادفة أو غير الهادفة لتحقيق الأرباح، فضلا عن اعتبارها بمثابة أحد الرکائز الأساسية لحوکمة الشرکات
أمن البيانات ما الخطأ الذي يمكن أن يحدث
الحقيقة هي أنه عندما يتعلق الأمر بأمن البيانات، لا يوجد شيء اليوم يمكن أن يحميك بنسبة 100٪ من أي هجوم إلكتروني ما لم ينقطع اتصالك بالإنترنت تمامًا.
معلومات إضافية
-
المحتوى بالإنجليزية
Data Security: What Could Go Wrong?
The reality is, when it comes to data security, zero risk does not exist. There is nothing on the market today that can 100% protect you from a cyberattack unless you completely disconnect yourself from the internet.
In 2021, IBM reported that the average size of a data breach is 25,575 records, with each record costing the company $165 on average, and the total cost to a company averaging over $4.24+ million. It is critical that CPA firms implement proactive IT strategies using a multifaceted approach to protect their data security. Before we dig into the preventative strategies to combat threats, we need to understand what methods cybercriminals are taking to try and penetrate systems.
What’s the Cyber Criminal’s End Game?
Cyber criminals have countless reprehensible methods of conducting cybercrime, as noted below:
Send out phishing emails. A phishing scam is when a nefarious source targets consumers by sending them an email which appears to be from a reliable source. The hacker asks the consumer to provide personal identifying information. The hacker then uses the information to invade the consumer’s accounts or to open new accounts.
Collect personal information. The cyber criminal’s goal is to gather personal information to be used for other types of identity theft such as credit card or insurance fraud.
Infect a computer with ransomware. The cybercriminal infects a computer with malicious malware which prevents access to files, systems, or networks, and requires payment of a ransom for their return.
Access further accounts within an organization. Account takeovers can morph from a personal attack on a singular computer as an entry to compromise an entire system or network.
The threat of account takeovers continues to evolve as the number of scenarios cyber criminals can use to gain access to victim’s accounts also evolves. It is important for C-suite executives and tech experts to understand their cybersecurity vulnerabilities.
Why Would Global Cybercriminals Target CPA Firms?
CPA firms are prime targets because of the sensitive, confidential, financial information accounting firms amass. Hackers target CPA firms for explicit information and then use the data to steal assets, ransom it, or sell the data to the highest bidder.
Obtain confidential, personal data. Cybercriminals seek client data from CPA firms such as birthdays, Social Security numbers, and other personal information. The data is used to target and steal from specific clients or to sell the data to other criminals who specialize in identity theft.
Attain financial information. Cyberattacks on accounting firms seek specific account numbers, tax records, credit card information, and employee identification numbers.
Gain tax records. Cybercriminals file fraudulent tax returns from information obtained from CPA firms. They steal tax returns and use the information for additional identity theft.
How to Minimize your Risk of a Cyberattack
It is imperative that CPA firms, regardless of size or composition, have vigorous cybersecurity protections in place. The risk of cyberattacks is disproportionally higher for smaller and medium sized organizations, who tend to be much more reactive than proactive. Below are mitigating steps to help protect your firm from possible cyberattacks:
Have a good backup strategy. Hackers tend to want to go for your backups first, making you more vulnerable during the attack. CPA firms should have multiple backups using different technologies and be physically removed from the network, so in case of a malware infection, the backup data does not become infected.
Implement multi-factor authentication for everything. By requiring multiple factors to prove your identity during the login process, you can drastically reduce the chance of unauthorized access.
Train employees about cybersecurity risks. Educating employees about cybercrime such as phishing, malware, and ransomware attacks is an effective strategy. CPA firms should create a culture of consistent security awareness to reduce the risk of cybersecurity breaches caused by human errors.
Use Advanced Threat Prevent Technologies. Leverage Next Generation Antivirus (NGAV), Endpoint Telemetry Data, DNS Filtering, Intrusion Prevention Systems, Reputation Based Threat Prevention, Data Encryption – the more the better! These security technologies learn users’ habits and daily activities using behavioral detection, machine learning algorithms, and exploit mitigation so known and unknown threats can be anticipated, blocked, and immediately prevented.
Patch all systems. Focus on patching any and all known, exploitable vulnerabilities.
Store data and information in encrypted databases. Storing data in an encrypted database can deter cybercriminals from accessing the information.
Prepare your organization. Have a cyber incident response and business continuity plan ready, to ensure critical functions and operations can remain running if technology systems are disrupted. If your IT systems go down, how will day-to-day account management and communication continue with personnel and clients? Make sure important contacts are up to date & test it regularly!
Accounting firms are prime targets for cybercrime for specific reasons due to all the sensitive, confidential, and potentially lucrative information they have in their systems.
How CPA Firms Can Shift their Risk
Accounting firms have significant responsibilities to protect their clients’ information from potential global cybercriminals. Adhering to the CISA guidelines is an important, proactive plan for CPA firms. More specific cybersecurity strategies are examined below:
Review cybersecurity insurance. C-suite executives should determine if specific cybercrime insurance coverage includes state-sponsored cyberattacks such as what might be initiated by outside threats. Check for 1st person vs 3rd party insurance coverage, ransomware coverage, and employ an attorney who understands cybersecurity review your cyber insurance coverage.
Encourage a “security mindset” in employees. Require multifactor authentication, training on data security policies and procedures, and remind personnel that phishing is still the most common cyberattack modality.
Enlist the help of IT security professionals. Engage with cybersecurity experts who can help reduce your level of risk through deploying stronger security technologies, preventative solutions, help guide and enforce evolving security best practices. Having a cybersecurity team available 24x7x365 monitoring threats is a great peace of mind.
At the end of the day, cyberattacks can have a detrimental impact to firms. Don’t wait until it’s too late to develop an effective data security plan.
رسالة دكتوراه: أثر توكيد مراقب الحسابات على مزاعم الإدارة عن إدارة مخاطر الأمن الإلكتروني على قرار الاستثمار بالأسهم
استهدف البحث دراسة واختبار العلاقة بين توکيد مراقب الحسابات على مزاعم الإدارة عن إدارة مخاطر الأمن الإلکترونى (الأمن السيبرانى cyber security) وقرار الاستثمار بالأسهم. وکذلک اختبار أثر تأهيل وخبرة المستثمرين على العلاقة محل الاختبار. ولقد اعتمد الباحث على إجراء دراسة تجربية، على عينة من 65 من المستثمرين المؤسسيين والذين يتمثلون فى أمناء الاستثمار فى البنوک التجارية المصرية.
4 تحديات تواجه شركات المحاسبة
تخضع العديد من شركات المحاسبة لتغييرات كبيرة حيث أظهرت العديد من التقارير الكيفية التي يمر بها مجال المحاسبة بتغييرات جوهرية، ويجب على شركات المحاسبة تنفيذ طرق جديدة لحل هذه المشكلات
اتجاهات التكنولوجيا القائمة على السحابة في شركات المحاسبة
المتطلبات التنظيمية المتطورة هي مجرد جزء من المعادلة عندما يتعلق الأمر باتجاهات الصناعة الناشئة التي تؤثر على مهنة المحاسبة.
معلومات إضافية
-
المحتوى بالإنجليزية
The Three Emerging Cloud-based Technology Trends Transforming Accounting Firms
Evolving regulatory requirements are just part of the equation when it comes the emerging industry trends impacting the accounting profession. Technology and the ongoing innovations in cloud-based solutions are likely to be one of the most transformative forces in your practice over the next three-to-five years.
Research firm Gartner estimates that by 2024 more than 45% of IT spending will shift to cloud-based technologies, and in many instances, this will include accounting software—driving the demand for accountants with strong cloud accounting software skills.
Key to the changing technology landscape for accounting firms is the introduction of new tools with real-time data analytics and artificial intelligence (AI). To thrive in this new technological ecosystem, accounting firms will need to have a clean, reliable, and secure data infrastructure. This may present a challenge for firms that have legacy on-premises systems, not only from a cybersecurity and workflow standpoint, but also in terms of revenue.
This is because it is only by using a new breed of cloud-based accounting systems that firms can open the door to automated financial reporting, cash management, accounts payable, and month-end close processes. The automation of these tasks will increase your firm’s productivity and profitability.
With this in mind, here is a closer look at the three technologies poised to have a lasting impact on the accounting profession: AI, analytics and cybersecurity.
1. Artificial intelligence. Once considered a futuristic technology, AI is now considered by many to be mainstream. There is a growing consensus that AI can and will have a significant impact on just about every industry and business role.
Accounting firms and their clients are already implementing solutions featuring AI to automate mundane, easily repeatable tasks, freeing employees and firm owners to focus their time on higher-value activities.
How will AI impact your firm? Consider this example: using machine learning, a type of AI, a company can feed a year’s worth of expense reports into a travel and expense system with the goal of teaching it to flag anomalies that might indicate fraud or human error. The more reports the system has to study, and the more time it spends analyzing them, the better it becomes at identifying potential issues, creating the opportunity for time and cost savings.
2. Analytics. One of the key advantages of cloud-based technologies incorporating AI and machine learning is the advanced analytics capabilities they offer for users. When more data can be analyzed more quickly with advanced reporting tools, the output is richer and offers deeper insights. This allows accountants to not only save time and increase productivity on data processing functions, but also provides the opportunity to offer additional advisory services and add more value to client relationships.
3. Cybersecurity. Using cloud-based technologies is often more secure than on-premises versions because the right vendor will store all of the client and other data your team has stored in accordance with leading cybersecurity practices most businesses cannot match on their own. In addition, the technology provider will update your solutions frequently in response to emerging security threats. This provides peace of mind to your clients and mitigates liabilities for your firm. Cloud systems also provide the redundancy necessary for business continuity should you need to relocate your firm, work remotely, or face some other business disruption.
It is now a fact: cloud-based technology innovations are disrupting the accounting industry. This trend is quickly transforming what used to seem like futuristic applications and use cases into mainstream solutions. Over the next few years, the technologies described above, along with other developments, will help accountants increase the efficiency of their workflows, access richer data, securely serve their clients, and extract additional insights from every accounting process. The only remaining question is, how will your firm respond?
معهـد المحاسبين القانونيين يدعو الشركات لإعطاء أولوية للأمن السيبراني لمنع خروقات البيانات
نظم معهد المحاسبين القانونيين في إنجلترا وويلز ندوة عبر الإنترنت حول الأمن السيبراني، بمشاركة نخبة من الخبراء المتخصصين، ولفت المشاركون إلى أهمية إدراك الشركات بأن احتمالية حدوث عمليات القرصنة والجرائم الإلكترونية الأخرى قد زادت بشكل كبير في أعقاب جائحة (كوفيد19)، لا سيما مع التحوّل لإنجاز المزيد من العمليات التشغيلية عبر الإنترنت في ظل الاعتماد المتنامي على التكنولوجيا.
تسويق شركتك: الاستراتيجية الرقمية حتمية
غيّر عام 2020 كل شيء عن كيفية عمل الشركات، بما في ذلك كيفية تفاعلها مع الجميع من الموظفين إلى العملاء ومن البائعين إلى المجتمعات
معلومات إضافية
-
المحتوى بالإنجليزية
Marketing your firm: The digital strategy imperative
By David M. Toth
May 12, 2021, 9:00 a.m. EDT
5 Min Read
Facebook
Twitter
LinkedIn
Email
Show more sharing options
2020 changed everything about how businesses operate, including how they interact with everyone from staff to clients, vendors to communities. The COVID-19 pandemic resulted in a digital transformation that changed the way people purchase consumer products, goods, and services. Until 2020, only 15% of companies prioritized digital transformation. In 2021 however, 77.3% of CIOs rated digital transformation as a top priority, pushing cybersecurity to second place.
Firm leaders of today and tomorrow looking to succeed in an increasingly virtual market must lean into the momentum that has been created since the beginning of the pandemic, take those learning experiences and data points, and uncover new paths to revenue growth.
Digital presence is nothing new and has lived as a function of marketing for a long time. But as client acquisition becomes more complex and anomalies like those of the Paycheck Protection Program and CARES Act have proved to firms that opportunities do exist through virtual experiences, a sound digital strategy must find its place as a pillar of your firm’s 10-year vision.
Empower your firm with the Intuit ecosystem of tax and accounting products
Expand your tax software with tools that help you work better, faster, end-to-end. Intuit offers a full support system, developed by and for tax...
SPONSOR CONTENT FROM INTUIT
The ability to remain competitive in 2021 and beyond is now dependent upon an approach that engages your target audience in tailored and unique ways, either pushing them through a thoughtfully designed qualification process or grooming unqualified leads to become clients of the future. Key tools to a successful plan include:
The evolution of your website into a sales tool;
Leveraging content to answer your audience’s pain points and challenges;
Thought leadership to establish expertise and positioning in key channels;
Comprehension of the “new” client journey;
A tactical approach to keyword strategy and search engine rankings;
Leveraging email marketing that has been a proven tactic in our toolbox for 20-plus years;
Defining the conversion funnel for your firm as it relates to managing each touchpoint;
Identifying digital champions inside your firm; and,
Technology adoption across marketing and sales.
As digital strategy evolves to become an immediate and impactful portion of the client experience, the prospect-to-client journey you create (read: your digital strategy) will require the same level of attention in a virtual environment as it would in-person. The above tools combine to provide rich insight into each visitor’s online movements, interests, and interactions, allowing your firm to curate a personalized, guided experience from the moment they walk in your virtual “front door.”
In fact, prospects and clients already expect and demand a frictionless journey, shifting the traditional focus of business development from relationships in the market to virtual experiences online. Providing a frictionless experience to your prospects and clients requires your firm be able to capture data, automate their interactions, and gain insight from the time they get to your website to the time they interact with your colleagues in the local community. The ability to centralize this information into one dashboard removes the hurdles and unnecessary complexity from a rapidly evolving process.
New opportunities
Geographic boundaries have vanished, but new boundaries related to the virtual buyer’s journey and the pandemic have sprung up between firms and prospective clients. This shift has created a digital strategy imperative. Every facet of the prospect-to-client relationship is now critical to maintaining a data-driven approach to measure what must be managed.
And there are big opportunities to be had. Implementation of a digital rainmaker strategy grants firms the ability to establish meaningful relationships while building a book of business that extends beyond any one individual. Opportunities generated through a broad, sophisticated digital strategy will create an output of higher conversion rates (and more time dedicated to clients and billable hours) for partners, ultimately yielding increased cash flow and profitability for the firm.
So, what are the foundations of a sound digital rainmaker strategy?
1. Data is king. So is content. You may have seen some headlines recently about the way data is going to be collected and stored by internet giants like Google, Facebook, YouTube and Amazon. Their methods are evolving rapidly to put the user first and protect their data. What does that mean for your digital strategy? Data collection will be much more critical at the firm level versus relying on third-party sources. Attention will become a commodity and competition for users’ time on the internet will be more challenging. Strong, relatable content that shows thought leadership will pave the path to establishing an authoritative voice and a strong following.
2. Focus on one vertical at a time. Developing a source of qualified leads through digital marketing of specific verticals and practice lines is the best way to create success stories for repeatable growth. Trying to tackle and embrace the entire firm's transition to one of digital culture will have its challenges. Embracing a model that is generating traceable, repeatable, and sustained revenue comes with focus, leadership, and the ability to identify digital champions within the firm. Who will be the next partner to champion video, thought leadership creation, and a podcast with 40,000 monthly subscribers?
3. Data flow drives decisions. Visibility and accountability at all levels is critical and data flow, analytics, and dashboards connecting the path from marketing inception to sales conversion provide the insight needed to know what’s working and what isn’t. Data-driven growth is integral to the future-ready firm.
4. Adoption at all levels is critical. Why do only 30% of digital transformations succeed? Because, according to McKinsey, adoption must be endemic — and that’s a hard nut to crack. Adoption that starts at the top level and becomes part of the firm's strategic plan, goals, metrics, and key performance indicators at all levels is more likely to succeed and produce the greatest return on investment.
As client acquisition becomes ever more challenging and complex, as client experiences trend toward virtual and away from in-person exclusively, and as the prospect-to-client expectations continue to evolve, this imperative will become ever more critical to your success.
إعادة تفكير المحاسبين في استخدام التكنولوجيا السحابية
معلومات إضافية
-
المحتوى بالإنجليزية
Pandemic prompts accountants to rethink use of cloud technology
By Michael Cohn
April 21, 2021, 3:35 p.m. EDT
5 Min Read
Facebook
Twitter
LinkedIn
Email
Show more sharing options
COVID-19 has been forcing accounting and finance teams to work remotely since last year, and that’s prompting reexaminations of how to use cloud technology for financial reporting in the future.
A report, released last month by the Institute of Management Accountants and the financial technology company Workiva, surveyed approximately 200 financial reporting professionals on their experiences and found that before the pandemic, their organizations placed a fairly low priority on technology-based financial reporting solutions. Two-thirds indicated they were behind other internal teams in competition for resources. About 30 percent of the respondents expressed interest in a technology-based solution for various activities around the documenting of management review processes and judgment areas. Approximately one out of five respondents said they have changed their prioritization or budgets for technology-based corporate reporting solutions for 2021 and into the post-pandemic period.
The pandemic forced most companies to shift toward a work-from-home environment last year, and that included their accounting department. While many employees have since returned to their offices at many organizations, others are continuing to do their work remotely. Despite the initial challenges, remote technology has mostly helped accounting and finance employees work safely from home, but it has also raised the question of whether companies should continue to rely on cloud technology after the pandemic eventually subsides.
“What we found out is that, not just with the anecdotal information that we were hearing, is that financial reporting teams are able to get the job done during the pandemic,” said Shari Littan, director of corporate reporting research and policy at the IMA, who co-authored the report. “They felt that they had adequate tools for some areas that are more challenging than others. Inventory is one of them. Revenue assessment is another. But by and large, they felt that they could get the job done. What we wanted to know is this going to change your movement toward adoption of more elegant and efficient solutions? And what we found is that there is an appetite for more.”
The survey respondents seemed to prefer new systems for two areas: control ownership and succession, and assessing revenue expectations. “The succession part is really where we’re really seeing some interest,” said Littan. “One thing a cloud-based or collaborative platform can do is automatically assign who is going to oversee what and who is the second in command, someone else who can step in if that person is unavailable because during the pandemic more things are changing fast.”
The respondents from private companies expressed more interest in systems for accounting processes that require estimates and sorting data.
“When you need to access economic data, things are changing very fast and you have to depend on judgment-based estimates in a pandemic environment,” said Littan. “Or if there are climate events like we saw in Texas disrupting the process, things are moving so fast, and you have to get the right data for a decision that’s being assessed. It’s better to have tools rather than going out and finding the right data, stripping it out, because we’re dealing with unstructured data for building the reports. In the scenario of a pandemic or major weather event, you could be dealing with unknowns. You don't have enough data. You don’t have enough information. You can’t compare to a prior year. Some of your estimates have to be rethought from scratch.”
Accounting and finance teams are increasingly needing to assess such information, including for environmental, social and governance reports.
“There is still a sense at companies that technology for their financial reporting and accounting teams is less of a priority than technology solutions elsewhere in the company,” said Littan. “Yet that’s happening at the same time as we’re asking for more reporting, on ESG for example, more information, and more teams are working remotely.”
Cloud technology can help accountants respond to those needs more quickly. “One of the things we focus on at IMA for people who are on the corporate preparer side is the demand on the professional’s time,” said Littan. “We hear every day how they would like to be more involved, even more than they are now, in strategy, in planning and talent management, in developing business models, all of these other things that we want accounting and finance professionals to be able to do, but they are dedicating so much of their time to compliance and just getting the reports out while there are solutions available to them.”
Cloud-based systems can also help with workflow when building and reviewing reports. “When you’re using this type of software, the reporting requirements are built in, or they can be lined up and compared, so it eliminates that cutting and pasting,” said Littan. “What it also could help with is the management oversight and review process for those last steps of the report because if you’re using that system, it will document who reviewed certain documents and information in order to sign off on the reports’ various aspects, and it will record that. That can be really helpful down the road if there’s ever a look back on how certain decisions were made, what was the review, what was the oversight. That gets preserved. Another helpful aspect when people are working remotely is you don’t have a physical document for signoff. You don’t want documents sitting on 10 different people’s computers and different versions of them. The platform could help assign these things, so it could help with efficiency.”
Cloud technology can be challenging from a cybersecurity standpoint, and it can be difficult in a remote environment to have the proper internal controls in place and the management oversight and review when much of the staff is working remotely. But overall it’s proven to be invaluable for organizations that are forced to operate remotely in this now year-old environment of the pandemic.