14th October, 2024
In the latest episode of the Fiscal Therapy podcast, host Jodie Sitters dives into an often overlooked yet vital aspect of accounting — cybersecurity. Jodie is joined by Tara Whitehead, Security Engagement Manager at MYOB, to discuss how cybersecurity plays a pivotal role in protecting accounting practices from a wide range of cyber threats.
With October being Cybersecurity Awareness Month, this timely conversation sheds light on the importance of safeguarding sensitive data and shares practical tips for businesses to stay secure.
To kick things off, Tara offers a simple yet powerful definition of cybersecurity: “It’s the practice of protecting your systems, networks, programs, and devices from digital attacks,” she explains.
Whether it’s your mobile phone, email, or business systems, cybercriminals are always on the lookout for vulnerabilities. The threats can range from phishing emails to more sophisticated attacks like social engineering.
Jodie reflects on this, noting how many people assume it won’t happen to them. “We always think cyberattacks happen to someone else,” she says, “but the reality is, no business is too small or too niche to be targeted.” Tara agrees, emphasising that cybercriminals often cast wide nets, hoping to find any vulnerable spot.
In the world of accounting, these risks are even more pronounced. Accounting practices handle a treasure trove of sensitive data — financial records, client information, and access to banking systems — all of which are highly attractive to hackers.
One of the most common threats that accounting practices face is phishing, where cybercriminals trick individuals into providing personal or sensitive information by pretending to be a trusted source.
Tara shares a real-world example of how dangerous phishing can be: “A Melbourne executive once received an email saying their child had broken their leg, and they needed to fill out a form. In reality, this form was malicious software designed to steal data. The executive was moments away from opening it before they realised something was wrong.”
Tara goes on to explain how social engineering plays a role in these attacks, where cybercriminals use personal information to make their scams more convincing. “It’s all about manipulation,” she says. “Cybercriminals might find details about your life on LinkedIn or social media, and they use that to tailor their attack, making it much harder to spot.”
For accounting practices, the risk is even greater. With access to vast amounts of client data, one breach could mean a catastrophic loss of trust and financial security.
One of the key questions Jodie asks Tara is whether businesses should consider outsourcing their cybersecurity. The answer? A resounding yes. “Most businesses outsource all sorts of services already — why not security?” Tara points out. “If you don’t have the resources to manage it in-house, it’s a smart business decision to bring in experts.”
Tara compares this to any other outsourced service, like IT or HR, emphasising that outsourcing cybersecurity to specialists ensures that your business is protected by professionals who understand the ever-evolving threat landscape. “You wouldn’t expect your accountant to manage your IT systems,” she adds. “So, why expect them to handle security?”
While outsourcing cybersecurity can be a smart move, Tara stresses the importance of building a strong relationship with the provider. “This isn’t a faceless game,” she says. “You need a trusted, reliable partner who understands your business and works with you to protect it.”
The conversation takes a sobering turn as Tara outlines the potential consequences of failing to prioritise cybersecurity. “Even if you do everything right, things can still go wrong,” she cautions. “But if you do nothing? Well, the sky’s the limit in terms of what could happen.”
Tara paints a vivid picture of the risks: “Imagine a hacker gains access to your bank account and starts scraping small amounts of money, or worse, they steal personal data and use it for identity theft.” In a business setting, the impact is multiplied. “For an accounting practice, it’s not just your data that’s at risk, but your clients’ data too. And once trust is broken, it’s incredibly hard to regain.”
To wrap up the episode, Tara shares her top three tips for keeping your accounting practice secure:
Tara’s final message is simple but powerful: don’t wait until it’s too late to prioritise cybersecurity. “Think of it as an insurance policy,” she says. “You hope you never need it, but if you do, you’ll be glad it’s there.”
For accounting practices, where the stakes are high and the risks are real, cybersecurity should be a top priority. As Tara wisely notes, “Don’t get hacked. But if you do, be prepared to act.”
Information provided in this article is of a general nature and does not consider your personal situation. It does not constitute legal, financial, or other professional advice and should not be relied upon as a statement of law, policy or advice. You should consider whether this information is appropriate to your needs and, if necessary, seek independent advice. This information is only accurate at the time of publication. Although every effort has been made to verify the accuracy of the information contained on this webpage, MYOB disclaims, to the extent permitted by law, all liability for the information contained on this webpage or any loss or damage suffered by any person directly or indirectly through relying on this information.