Cybersecurity is important in any industry, but especially those dealing with finances and sensitive information, like SSNs and bank account logins, such as accounting firms do.
But there are only so many times you can go over the same topics in the same way before it loses its impact. If you find your team’s eyes glazing over when you mention data security and how to spot a phishing attack again, then maybe you just need to change up the message a little.
October is National Cybersecurity Awareness Month (NCSAM) and it gives you a perfect opportunity to emphasize digital security to your accounting team in a whole new way and one that comes with a catchy theme.
This year’s theme is “Do Your Part. #BeCyberSmart” and it includes different areas of cybersecurity that you can emphasize each week to help improve your team’s security awareness.
We’ll go through the focuses you can use for each week of October to drive home the point of IT security and help your team become more CyberSmart. (And increase the security of your accounting firm at the same time!)
Use These Weekly Themes to Drive Home a Cybersecurity Message
Keeping your data and your clients’ data protected from breaches and cyberattacks can be a full-time job. Attackers seem to multiply each year and their tactics revolve around user errors in many cases, which is why phishing attacks are still the #1 cause of data breaches and malware infections.
Ransomware attacks have increased dramatically between 2016 and 2019, rising from an average of 1.5 per minute to 4.3 per minute.
Using the four weekly themes below can help you improve your employees’ cybersecurity awareness and be a catalyst for improvements to reduce vulnerabilities in your network.
Week 1 (Week of Oct. 5): If You Connect It, Protect It
For the first week of National Cybersecurity Awareness Month, you can emphasize the main device protections that are considered best practices for cybersecurity.
Whether you use a laptop or workstation, every device should include some of the basics when it comes to device protection. These include:
- Antivirus/Anti-Malware: All devices should have a good antivirus-anti-malware solution to identify and quarantine any threats.
- Regular Updates/Patches: Putting a managed patch/update service in place for all devices greatly reduces the risk of a critical security patch not being applied and leaving a device vulnerable.
- Web Protection: With most phishing attacks these days using links to malicious sites instead of malware, it’s important to have web protection (DNS filtering) to block dangerous sites.
Week 2 (Week of Oct. 12): Securing Devices at Home and Work
Today’s offices largely incorporate both office and at-home workers and many accountants work both places, depending upon the day. For week 2, you can emphasize security both in the office and at home.
This can include things like using a VPN to secure a connection, no matter what type of Wi-Fi you may be connecting through. You can also share the following two tip sheets provided for NSCAM:
Week 3 (Week of Oct. 19): Securing Internet-Connected Devices in Healthcare (and Other Industries)
We added the (and other industries) onto this one, because IoT internet-connected devices are used everywhere these days, not only in the healthcare industry.
Accounting firms can use IoT security cameras, voice speaker assistants, wireless printers, and other smart gadgets in their daily workflow.
These devices are increasingly being targeted by hackers as a way into a network, and many of them are targeted with attacks in as little as 5 minutes of being set up.
Some of the standard best practices for securing IoT devices (which include routers) are:
- Immediately change the default name and password when first connecting the device
- Turn off PnP or any other features you don’t need
- Use a non-descript device name that doesn’t give away the make, model, or address
- Keep firmware on IoT devices updated regularly
Week 4 (Week of Oct. 26): The Future of Connected Devices
What does the future hold when it comes to technology that you need to be aware of? Often advances happen before security is properly put into place (as has been the case with mobile device use).
Future technologies that are already rolling out include Wi-Fi 6 and 5G. Take a look at what those mean to your firm and encourage employees to think “security first” whenever adopting a new app or technology.
For example, Wi-Fi 6 uses the WPA3 security protocol, which is a big step up from earlier routers using WPA2. You may want to encourage a switch at your office to the newer technology to improve network security.
How Secure is Your Firm’s IT Security Plan?
Don’t leave your network at risk. Connect2Geek can help your accounting firm understand your vulnerabilities and address them with smart solutions.
Schedule a free cybersecurity consultation today! Call 208-468-4323 or reach out online.