[March 22, 2017]

ACCA USA Cautions Finance Sector, Consumers, to Take Steps to Combat Cybercrime

Fast food chain Arby's. Quest Diagnostics. Madison Square Garden. Yahoo. Verizon (News - Alert). Even, the Internal Revenue Service. Hardly a week passes without yet another revelation of a cybersecurity breach striking businesses both large and small.

The financial hit on business can be troubling: An IBM (News - Alert) report last year found the cost of a breach rose to $4 million per incident. And recently. Home Depot agreed to pay more than $27 million to financial institutions affected by its 2014 data breach, and court documents reportedly identified the total cost to Home Depot at $179 million.

ACCA (the Association of Chartered Certified Accountants), the global body for professional accountants, has been tracking cybersecurity issues over the last several years, as cyber threats have become more sophisticated and penetrated every aspect of business.

This summer, ACCA USA and The Seidenberg School of Computer Science and Information Systems at Pace University in New York, a National Security Agency (News - Alert) and Department of Homeland Security-certified Center of Academic Excellence in Information Assurance Education, will hold their first-ever cyberdefense course, offering professional development credits to accountants and other finance industry professionals.

"ACCA understands the challenges that accountants face and is determined to equip them with the necessary knowledge and training to address these cyber-challenges," said Warner Johnston, Head of ACCA USA.

"The threat from cybercrime and hackers has only increased over time," said Jonathan Hill, Dean of the Seidenberg School of Computer Science and Information Systems at Pace University. "The ACCA has been a particularly adept partner in educating financial professionals and the at-risk accounting and CPA professional communities on coping with these threats. This program is specifically designed for these financial professionals to build awareness and tools to protect themselves, their firms and their clients from the ravages of cybercrime."

Anyone interested in receiving further details about the new course and registration should email [email protected].

In February 2016, ACCA reported that cybercrime was growing too dangerous and powerful to ignore, and a head-in-the-sand attitude to this once nascent, now pervasive threat was no longer an option. In the report, "Cybersecurity - Fighting Crime's Enfant Terrible", ACCA and IMA® (Institute of Management Accountants) reported that the theft of financial assets through cyber-intrusions was the second largest source of irect loss from cybercrime.

ACCA stressed that accountants and finance professionals can, and should, play a leading role in defining key areas of a strategic approach to mitigating cybercrime risks. These include:

• Creating reasonable estimates of financial impact that different types of cybersecurity breaches will cause, so that a business can be realistic about its ability to respond to an attack and/or recover from it;
• Defining risk management strategy;
• Helping businesses to establish priorities for their most valuable digital resources to implement a "layered" approach to cybersecurity; and,
• Closely following the work of government and various regulators, to have clear, up-to-date information on adequate legislation and on requirements for adequate disclosure and prompt investigation of cybersecurity breaches.

Several months earlier, ACCA issued a report, "Cyberwarriors with Calculators", in partnership with Pace University, revealing that top-level managers in the finance industry are adapting to address cybercrime threats. The survey of ACCA professionals, including Chief Financial Officers, Managing Directors, Senior Vice Presidents and practicing accountants, found weak communication between line managers and senior managers about attacks and attempted attacks, and that the application of fundamental risk management cybersecurity practices should be applied more consistently throughout firms.

"In order for our nation to continue to prosper in a rapidly changing world we must diligently protect our public and private technological infrastructures and maintain the trust of the international community," the report stated. "Computers, servers and the Internet are indispensable tools for financial professionals - and they are under relentless attack. For accountants, measures must be taken to ensure that the sensitive personal and corporate financial information they handle is safe: accountants need to be at the forefront of cybersecurity."

ACCA members were asked about company policies and personal practices regarding cybersecurity, and how evidence of cyberattacks is communicated within firms. The findings highlighted weaknesses:

• Nearly 50% indicated it was somewhat or very likely that consultants would be hired after a breach.
• Nearly 70% said they had a high or very high level of awareness of their company's cyber risk management policies and procedures.
• 57% said their IT systems were well-protected against cyber threats.
• 32% had no knowledge of company policy on data encryption in transit or in storage.
• Auditors are more concerned about cybercrime today than a year ago (58% for auditors compared with 48% for accountants).
• 27% of accountants felt their firms adhered to Control Objectives for Information and Related Technologies (COBIT 5) standards whereas 43% of auditors believed their firms followed the standards.

In another report, ACCA and Pace also delved more deeply into the growing number of incidents involving skimming devices, which rip off consumers at gas pumps and ATMs. A skimmer is an electronic device used to read and store electronic data. The new research focused on devices that read and recorded data from consumer payment cards, such as ATM, credit, debit, prepaid and electronic gift cards.

The report illustrated how skimmer scams were spreading globally, and noted that in the first half of 2011, the U.S. ranked number one in the world in financial losses associated with skimming fraud. The report noted:

• One of the most common types of skimmer is the ATM skimmer, used to record data contained on the magnetic strip on the back of an ATM card. A skimmer may be placed on a stand-alone ATM, such as one at a convenience store or gas station.
• Security standards with European credit, debit and ATM cards differ from standards in the U.S., rendering it easier to conduct skimmer fraud in the U.S.
• The U.S. is pivotal for criminal gangs because it has more ATMs than another country and because it is not EMV-compliant (cards do not contain a global chip) and its EMV cards skimmed can easily be cloned. Cards that are cloned by criminals are also used in other non-EMV countries, such as Ghana, Costa Rica, Mexico and Malta.

About ACCA

ACCA (the Association of Chartered Certified Accountants) is the global body for professional accountants. We aim to offer business-relevant, first-choice qualifications to people of application, ability and ambition around the world who seek a rewarding career in accountancy, finance and management. We support our 188,000 members and 480,000 students in 178 countries, helping them to develop successful careers in accounting and business, with the skills required by employers. We work through a network of 100 offices and centers and more than 7,110 Approved Employers worldwide, who provide high standards of employee learning and development. Through our public interest remit, we promote appropriate regulation of accounting and conduct relevant research to ensure accountancy continues to grow in reputation and influence. For more information about ACCA, visit www.accaglobal.com.

About Pace University

Since 1906, Pace has educated thinking professionals by providing high quality education for the professions on a firm base of liberal learning amid the advantages of the New York metropolitan area. The Seidenberg School of Computer Science and Information Systems at Pace University prepares men and women for professional work, research, and lifelong participation in a new and dynamic information age. Located in the financial capital of the world, the Seidenberg School offers a wide variety of courses and exposure to internships and work with leading corporations, banks, federal agencies, and global entities. Degrees and certificates are conveniently available on Pace's campuses in New York City and Westchester County as well as online and in special programs. Visit http://www.pace.edu/seidenberg/

View source version on businesswire.com: http://www.businesswire.com/news/home/20170322006021/en/

[ Back To TMCnet.com's Homepage ]