Cybercrime Increasingly Important for Professional Services Firms
With the majority of businesses in the UK using the internet, and many relying on it for finding customers, making payments and communicating, the risk of falling foul of cybercriminals has never been greater.
Back to News
And with digital tax reporting required of many businesses from 2018 or 2019 (depending on their turnover), cybersecurity and safety are pushed even higher on the agendas of business owners, and the accountants who will help them through this historic change.
Accordingly, the UK200Group, which is the UK’s largest membership association of independent chartered accountancy and law firms, has set up the Digitalisation Taskforce, which will support its members as they guide their clients through the process. A key priority of the Digitalisation Taskforce is to ensure that members and their clients know how to protect themselves against cybercriminals.
Jeremy Gardner, Managing Partner at UK200Group member accountancy firm Roffe Swayne and lead on cybercrime for the UK200Group’s Digitalisation Taskforce, was impressed by the Government’s most recent provisions for cybersecurity in the UK.
“We are constantly reminded every day of the increasing role that technology plays in our lives, in many different ways. It is particularly encouraging to see the Government’s digital strategy, which will have far reaching consequences for businesses in the UK and in particular in the SME market.
“There is arguably concern from some quarters that the strategy is simply rhetoric, however the seven strands referred to in the policy appear to show a real depth of understanding around the issues facing all businesses in the UK.
“We are particularly encouraged by the plans to make the UK the best place to start and grow a digital business, to help already established business make the transition to the digital age and to make the UK one of the safest places to operate digitally, looking to build on an already enviable reputation.
“The framework set out by the Government provides timely input into the UK200Group’s own Digitalisation Task Force which aims to assist its members and clients in making the transition into the digital age over the coming years.”
But what can businesses do to protect themselves?
Often, it is social engineering that leads to problems as far as ransomware is concerned, because the delivery mechanism will always be an email being delivered or a website being visited. Therefore, people need to be educated not to click on suspicious links or open unsolicited attachments, and to be prepared to question suspect emails and, if necessary, escalate them.
Threats include infections such as CryptoWall, which aims to compromise a firm’s systems by locking them out, and then demand a ransom in order to restore the data.
The firm then has the choice between paying the ransom and attempting to rebuild its database from paper records.
Another common form of fraud is the ‘whaling attack’, or CEO fraud, in which an email is sent, purportedly, from the CEO or Finance Director of the company, generally to the finance department staff, asking them to make urgent money transfers otherwise risk losing some business. The email proves to be fake and the money is lost.
This demonstrates how the relatively new social engineering element is a huge threat for businesses. People in business naturally want to help colleagues and provide information and this is the thing that is being exploited. The fundamental problem is that people just aren’t aware of the risks.
The UK200Group, established in 1986, represents a significant group of trusted, quality-assured business advisers – chartered accountants and lawyers – who have over 150,000 SME clients in total. As such, the UK200Group acts as the voice for 1,899 charities, over 12% of all registered academies, more than 3,887 farms, 800 healthcare businesses and over 4,000 property and construction professionals. The organisation remains impartial on political matters, and presents the individual views of its members.