Skip to main content

Advisory

Every CPA Firm Needs to be a Security Company

CPA firms are also once again changing. For many, the first customer facing technology may have been offering self-service options to extend back office functionality. Electronic invoicing and collections are two early examples that date back to the ...

security1_11074722

In 2018, the year of artificial intelligence, internet of things, blockchain, and big data, it is safe to say more and more companies are emerging to be technology companies. In the last year, a lot of attention has been placed on how automotive companies such as Ford and General Motors are positioning themselves as technology companies.

Large conglomerates such as GE are marketing themselves as “the digital company that’s also an industrial company” and are using young programmers as the center of a large advertising campaign. However, it isn’t just industrial and manufacturing companies that are pivoting, large financial institutions are now developing and often acquiring Fintech providers.

Santander created Santander InnoVentures with a stated aim of, “to support the digital revolution to make sure Santander customers around the world benefit from the latest know-how and innovations across the Banking Group’s geographies.” Verticals such as healthcare, education, media and many others now must address technological changes more than ever and position their investments in technology as differentiators. 

Technology and CPA Firms

CPA firms are also once again changing. For many, the first customer facing technology may have been offering self-service options to extend back office functionality. Electronic invoicing and collections are two early examples that date back to the 1990s or earlier. As time moved on, other parts of the business, particularly those related to engagement delivery, also began to leverage technology. In the 2000s, firms began using file sharing services and central repositories such as Microsoft SharePoint to exchange data with clients.

Most firms purchased commercial-off-the-shelf (COTS) products as they did not have many, if any, developers on staff. Today, firms have a plethora of on-premise and cloud-based offerings available and if none of them meet requirements, the potential to develop something in-house is readily available. These new solutions also require firms to think about security more than ever before.   

Large Firms and the Cobbler’s Children

Many CPA firms, particularly larger firms, offer technology related advisory and consulting services, including developing software for their clients. However, they also need to innovate and leverage technology to improve the quality of their own offerings, be it tax, audit or advisory. These firms often have staff with the knowledge to adequately secure their own environment; however, they rarely work with internal initiatives. The problem is the work performed for the firm’s external clients are revenue generating, while securing internal systems yields no revenue, or is seen as taking away revenue due to the opportunity cost.

Smaller Firms and Knowledge Gap

All firms regardless of size need to leverage technology for competitive advantages. However, unlike large firms, smaller firms likely do not have the expertise to adequately secure their newly procured or developed systems. While organizations such as the AICPA have cybersecurity content available, and frameworks such as ISO 27001 exist, smaller firms may not have the time, means, and occasionally, desire, to implement security best practices.

See the Security Checklist at www.CPAPracticeAdvisor.com/12417167.

 

 ============

Matt Wilgus is a Practice Director at Schellman & Company, Inc., where he leads the Threat and Vulnerability Assessment offerings. In this role he heads the delivery of Schellman’s penetration testing services related to FedRAMP and PCI assessments, as well as other regulatory and compliance programs.

 

See inside July 2018

The Pros & Cons of Working From Home

Job seekers are enticed by work from home options but are aware of the pitfalls, suggests new research from global staffing firm Robert Half. More than three quarters of professionals surveyed (77 percent) said they are more likely to accept a job ...

Previous

Why Vacations Are Good For You – and Your Team

Love going on vacation but worried about taking time off? You’re not alone. The majority of workers in a recent Accountemps survey said they typically check in with the office at least once or twice a week during their vacation.

Next