South African Institute of Professional Accountants
25 July 2016
When it comes to cybersecurity, companies must consider the inside threat as well.
By Ettiene Retief, Chairperson of the National Tax and SARS Stakeholders Committees at the South African Institute of Professional Accountants
When it comes to cyber-crime, companies are most focused on the external threat from hackers. But given that business is largely digitised these days, and that fraud is so frequently an inside job, cybersecurity must include a strong inward focus.
The target for cyber-attacks, internal or external, is usually data. Data thus represents a considerable risk for all organisations, but particularly professionals like accountants, lawyers, bankers and the like, who will hold large amounts of highly sensitive client information. Recent high-profile data hacks, such as HSBC Swiss leak, were the work of insiders, and it’s possible that the anonymous source of the so-called Panama Papers was an employee of the law firm concerned.
So, while the external security measures like firewalls and other access control and tracking measures remain of greatest importance, companies need to take specific precautions to protect their data from internal threats. The following six principles will assist:
MEDIA CONTACT: Idéle Prinsloo, 082 573 9219, firstname.lastname@example.org, www.atthatpoint.co.za
For more information on SAIPA please visit:
LinkedIn: South African institute of Professional Accountants Company
Facebook: South African Institute of Professional Accountants