background image
Connecticut CPA
March/April 2018
paid advertisement
information is for sale on the dark web
because of a breach. The U.S. Nation-
al Cyber Security Alliance estimates
that 60 percent of small companies go
out of business within six months of a
cyber attack.
The good news is there's a simple step
you can take to lay a solid foundation
for your cybersecurity strategy: get a
cybersecurity risk review. A cyberse-
curity risk review assesses your orga-
nization's current ability to safeguard
confidential information and provides
you with practical ways to reduce risk
and protect sensitive data in the future.
These reviews are relatively inex-
pensive, help demystify cyberse-
curity, and will provide you with a
list of actionable steps to perform
as you move forward. A risk review
should not focus solely on IT systems
and infrastructure. Rather, it should
take a holistic approach, examining
elements such as regulatory compli-
ance, asset protection, user aware-
ness, liability insurance, business
resiliency, policies, procedures, sys-
tems, funding and spending levels,
and incident response.
At the end of the risk review you will
be presented with the findings and
a framework that will be used to ad-
dress the most important cyberse-
curity planning and protection needs
going forward.
If you haven't had an expert review
your cybersecurity risks, I encourage
you to do so as soon as possible. If you
have in the past, I recommend having
an updated review at least once a year
to ensure you maintain adequate pro-
tection in today's fast-changing secu-
rity environment.
In the meantime, the next page pro-
vides you with a practical list of nine
cybersecurity steps you can start to
implement today to make sure your or-
ganization is protected.
Hackers aren't usually looking
for a major challenge; they
are interested in low-effort,
high-reward targets. CPAs and
other financial professionals
often fit this description
because their data is a treasure
trove of confidential information
that is highly lucrative on the
black market.