Suffice to say, it’s not been a good week for the 5th largest U.S. credit card issuer. This week, Capital One was hacked in what’s being called one of the largest data breaches in history. A lone hacker gained access to more than 100 million American and Canadian customer accounts and credit card applications. The data theft exposed 140,000 social security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, among customers’ other personal data. Capital One estimates the breach will cost them between $100M and $150M in 2019 on customer notifications, credit monitoring, technology costs and legal support. And this does not include potential reputational damage or political and regulatory actions, including possible penalties. Capital One’s stock also plummeted 6% overnight.
This breach is yet another painful reminder that no organization is immune when it comes to potential cyber attacks. At the same time, it also reminds us of the great opportunity the accounting and finance profession has to own the cybersecurity risk management space.
CPAs are recognized as trusted advisers and experts in risk management. That trust and expertise enables the profession to take a leadership role on oversight on systems, controls and policies that could expose their clients or organizations to cyber threats. Whether you already have a deep knowledge in cybersecurity and just need a refresher or are exploring how to provide cybersecurity advisory or assurance services, we have a vast range of resources to support you.
If you’re looking to build your knowledge
We have the foundational information you need to understand the risks and opportunities available in the cybersecurity space. Here are a few on-demand resources to get you started:
- Finding the opportunity in breaches: Watch this LinkedIn Live interview to learn how your firm can expand into cybersecurity advisory and assurance services and how you can influence your company’s cybersecurity program
- Cybersecurity: What The C-Suite Needs to Know: Hear from a cyber expert about the practical steps you can take to protect your organization from vulnerabilities in this Go Beyond Disruption podcast
- Our cybersecurity certificate programs: Learn what you can do to help protect your clients or organization from cyber threats
If you’re looking for tools to protect your clients or organization
These resources will help you put a strong framework into place, and you can use the knowledge you gain through that process to demonstrate your expertise and advise your clients.
- Cybersecurity Risk Management Reporting Framework and CGMA Cybersecurity Risk Management Tool: Leverage these tools to help safeguard your company from the next breach
If you’re looking to expand your services and promote your value
These resources will guide your firm as it moves into the cybersecurity advisory and assurance space. And once you’re offering these services, we can help promote your expertise and value in this area.
- PCPS Exploring Cybersecurity Toolkit (PCPS members): Access the kit to unlock everything you need to help your firm build a robust cybersecurity practice
- Cyberattack: It’s just a matter of time: Use these talking points to explain to your clients why CPAs should be involved in their organization’s cybersecurity plans
- SOC for Cybersecurity: Helping you build trust and transparency: Educate your clients on the services your firm can provide
For our full collection of cybersecurity resources, visit aicpa.org/cybersecurity.
Colette Sharbaugh, Senior Manager, Communications and Public Relations, Association of International Certified Professional Accountants
- Three things your firm needs to get started with SOC services
- A solid password today keeps the hackers away
- Data breaches are here to stay
Originally published by AICPA.org