Did you know that cyber attacks against accounting firms rose over 300% in 2020 in the midst of the global pandemic? Since Accounting Today first reported this increase, the cybersecurity trends have only grown worse for many accountants. Financial data is a major target of hackers alongside other personally identifiable information (PII), but often also giving cybercriminals more leeway in leveraging its sensitivity to extort victims rather than using it themselves. This puts finance teams across all industries in the same crosshairs that healthcare and insurance providers have fallen under, alongside many other vulnerable sectors.
Whether you work for a firm or in an internal accounting department, whether you are a CPA in the trenches or a CFO – cybersecurity is as much your responsibility as it is IT’s in this increasingly digital age. As a longtime consultant for ERP and network security service provider, SWK Technologies has put together this list of threats and solutions to help you better understand the risks your team faces and how to address them before it is too late:
Biggest Cyber Threats for Accounting Departments and Firms
There are many dangers faced by accounting firms and departments in the realm of cybersecurity, both unique in the field and common to different businesses and industries. Here are seven of the biggest cyber threats and risk factors that your team needs to keep an eye out for:
1. Software Vulnerabilities
Accounting and ERP software that is not properly protected against exposure represents one of the most critical security gaps for finance teams, along with any connected integrations that are unsecured against unauthorized access. Legacy systems in particular are often a major threat for modern technology stacks – most of these older platforms were not designed for modern cybersecurity needs, and are much more easily susceptible to being breached when exposed to an external connection that can occur unseen in a contemporary IT ecosystem.
2. Human Error
Human error remains the leading cause of data breaches across all industries, and neither accounting firms nor internal finance teams in any of these sectors are an exception to this trend. These mistakes rarely stem from malicious intent, but the severity of their impact remains just as potent as a bad actor breaking into your network on their own. Unfortunately, they are also often caused by common occurrences for accountants – rushed decisions under deadline pressure, lack of awareness about current hacker tactics, or simple fatigue during busy periods like tax season or quarter-end close.
3. Ransomware
Modern ransomware is an escalating threat across all industries due to its increasing sophistication and gradual evolution into a a major cybercrime ecosystem with professional developers creating new strains of malware persistently to sell to all manner of enterprising hackers. For accounting teams in particular, the risk is especially severe as attackers know to time their extortion with busy periods such as tax reporting deadlines or quarter-end closing. These attacks will typically include exfiltration of data before it is encrypted and you are locked out of your systems, so that they have the opportunity to extort you again or just resell the information to other buyers on the Dark Web.
4. Cloud Misconfigurations
Migrating to the cloud – whether hosting your legacy software with a third-party provider or switching to a modern solution – is not the end all, be all of digital security, and one of the most common exposure types comes from misconfiguration. SaaS platforms, for example, operate on a shared responsibility model where the vendor secures the system’s infrastructure while your remain responsible for protecting your data, managing user access and configuring security settings appropriately. There have been multiple cases where the connection to a certain server or integrated application exposed the data of customers without anyone finding out until much later, sometimes after a confirmed breach uncovers the gap.
5. Phishing / Business Email Compromise
Phishing continues to be one of the most prolific methods that hackers use to gain greater access to secured networks and systems, including for malware infections and wire fraud. Most attacks are still carried out through business email compromise (BEC), where a corporate electronic mailing address belonging to someone with authority or network permission is breached. However, many attackers are expanding their repertoire to include new channels and techniques from SMS text messages to voicemails, and the availability of AI is being leveraged by many to improve their “deepfake” schemes. Accountants are a prime target for many of these given their holding of the proverbial keys to the financial kingdom in most businesses.
6. Lack of Internal Security Controls
Even with all of the automated cybersecurity solutions in the world, any defense net is only as strong as the people minding it – which is why human error is most often the biggest culprit in many breaches. Modern security postures require layers to slow down and isolate attacks that make it past the first line of protection, yet many businesses lack the capabilities, knowledge or resources to enforce this approach. From encryption to proper user permission practices, the lack of internal security controls accounts for a significant number of breach escalations, as well as for several regulatory violations.
7. External Access or Connections
Whether from application integrations, remote server connections, partner data synchronizations, customer portals, file collection by outsourced payroll processing services or any other number of external channels, improperly secured outside pathways can provide easy access for intrepid hackers. Even in the best case scenarios, these links can form cybersecurity gaps in your tech stack outside of your IT team’s immediate oversight. In other cases, attackers compromise the credentials of third-party support personnel who have privileged access to customer systems for troubleshooting purposes.
Why Legacy ERP Becomes a Single Point of Failure for Accountants
ERP serves as the central nervous system for your financial data, often storing what security researchers call the “crown jewels” of organizational data. Transaction and bank account information, historical records for everything from payroll to vendor payments, and connected business files from every other department beyond accounting makes these applications a prime target for hackers.
Legacy software in particular creates a critical point of potential failure if your network is breached, as most of these solutions lack the native cybersecurity features required for modern threats. While some might think that the “analog” nature of on-premise systems makes them better protected against data being exposed, the reality is that most IT ecosystems today are not inherently siloed and users will likely connect some outside application or device that could be piggybacked off to access your databases.
These improvised connections create additional attack vectors while making it harder for security teams to maintain visibility across the entire technology stack. Attackers exploit these gaps, using legitimate integration pathways to move laterally through networks without triggering alerts.
Protecting Your Financial Data in the Cloud
Whether hosting your software with a cloud service provider (CSP) or migrating to a SaaS ERP, you will gain the advantage of having up-to-date cybersecurity resources available with your environment. However, the level of security you receive will still be dependent on which path you choose, as well as your partner’s familiarity with your accounting system in the case of selecting to host your legacy solution.
The Benefits of ERP Hosting
Hosting your ERP in a cloud-based environment gives you the opportunity to gain a “best of both worlds” deal until you are ready to migrate to a SaaS platform. Working with the right provider will grant you access to:
- Continuous security monitoring – Dedicated security operations teams monitor threats 24/7, update systems, patch vulnerabilities, and respond to incidents faster than internal IT departments managing multiple priorities
- Advanced threat detection – Automated tools analyze network traffic patterns, user behavior anomalies, and system logs to identify attacks during reconnaissance phases before attackers can extract data or deploy ransomware
- Geographic backup redundancy – Automated backups stored in separate data centers enable recovery from clean copies in hours rather than days or weeks, protecting business continuity during tax season, quarter-end close, or audit periods
Your accounting department or firm will capture increased operational resilience without needing to expand your IT team. Cloud hosting shifts technical maintenance to the CSP, freeing up your internal resources and allowing you to focus on business priorities.
Learn More About ERP Hosting with SWK Technologies
When you work with SWK Technologies to host your ERP in the cloud, you gain a single partner and point of contact for all of your software, IT and hosted infrastructure needs. When problems arise – whether technical issues with the accounting application or security incidents requiring immediate response – there is no need to coordinate between multiple vendors or determine which provider is responsible for which component of the technology stack.
Contact SWK here to learn more about our Secure Cloud Hosting services, and discover how we can help you ensure your ERP and financial data is protected against modern cyber threats while granting you peace of mind over your business systems.