The Secret Accountant believes they are not the only one is still confused when it comes to cybersecurity.
I do believe this is a huge issue for accountants and the business community going forward especially with the GDPR rules on the horizon.
We all rely heavily on technology, storing everyday data such as employee details and client information. Therefore the risks that come with this are growing and require our attention. Whilst the internet is a very powerful and necessary tool these days, it also increases the risks that we face almost every week.
When I meet clients and bring the subject of cybersecurity into the conversation I’m met with the reply:
‘we’re not a target’; or
‘we don’t need to worry about security’.
Many clients seem to believe that only large organisation need to worry about cybersecurity – but it is dangerous to think this way. Every organisation is at risk.
Which leads nicely to GDPR…
As with cybersecurity, clients are only just waking up to the fact this takes effect from May 2018 – not long now. When I tell clients the fines can be 4% of turnover this does get their attention and opens up the dialogue.
Now is the time to get familiar with the terms personal data, data controller and data processor. Take a look at the ICO website where there is a great 12 point plan to help you get ready, covering:
information you hold
communicating privacy information
subject access request
lawful basis for processing data
data protection by design
data protection offices
Implementing these steps could have resource issues for both accountants and clients; don’t leave it to the last minute because each one will require effort and focus.
ACCA’s recommended provider for PII – Lockton – has provided a series of articles on GDPR in recent editions of In Practice covering:
ACCA has also worked with Haines Watts to develop a series of webinars covering GDPR. The first webinar is a one hour overview webinar with a further 16 short webinars covering industry specific issues, affected business functions, and key elements from the Regulation.