Cybersecurity Lab — Building a nimble cybersecurity response plan

Securing data against bad actors is crucial to the long-term success of a business. The average cost of a data breach in the U.S. in 2022 was over $9 million. With proper planning the risk can be mitigated, and even if an incident occurs, the cost and the time to recover can be significantly reduced.

In this Tax Section Odyssey episode, April Walker, CPA, CGMA, Lead Manager — Tax Practice & Ethics, Association of International Certified Professional Accountants, representing AICPA & CIMA, speaks with Ashley Grover, Cybersecurity Threat Intelligence Analyst — Sylint, on the latest trends in cybersecurity and how businesses can better protect themselves.

What you’ll learn in this episode

• Ashley’s role as a cyber threat analyst (0.33)
• Why businesses should take cyber threats seriously (2.20)
• Coordination with information technology (IT) department/providers (4.47)
• Safeguards rule contained in the Gramm-Leach-Bliley Act (7.53)
• Actions for an IT department to safeguard data (8.32)
• Current cyber threat trends and infiltration techniques (11.42)
• Specific recommendations for tax professionals (17.58)
• Remediation tips should a cybersecurity incident occur (19.38)
• What a cyber incident response would entail (21.20)
• Final thoughts (23.44)
• A page from Ashley’s travel journal (26.30)

 AICPA resources

• Gramm-Leach-Bliley Information Security Plan Template — Tax preparers must implement security plans to protect client data. Failure to do so may result in an FTC investigation. Download and customize this template to document your firm’s policies.
• Professional responsibilities in data security for tax professionals — Safeguarding your client’s data is paramount. Use these laws and guidelines to help you help your clients.
• Tax Identity Theft Toolkit — CPA tax practitioners need to combat tax-related identity theft daily as it has become pervasive globally. Use this toolkit to tackle tax identity theft issues with your clients.

Other resources

• Cybersecurity and Infrastructure Security Agency (CISA) — CISA works with partners to defend against today’s threats and collaborates to build a more secure and resilient infrastructure for the future.
• National Institute of Standards and Technology (NIST) Cybersecurity Framework — A set of industry standards and best practices developed by NIST to help organizations manage cybersecurity risks.
• Center for Internet Security (CIS) Controls Framework — A prioritized set of actions to protect an organization and data from cyber-attack vectors.

Keep your finger on the pulse of the dynamic and evolving tax landscape with insights from tax thought leaders in the AICPA Tax Section. The Tax Section Odyssey podcast includes a digest of tax developments, trending issues and practice management tips that you need to be aware of to elevate your professional development and your firm practices.

This resource is part of the robust tax resource library available from the AICPA Tax Section. The Tax Section is your go-to home base for staying up to date on the latest tax developments and providing the edge you need for upskilling your professional development. If you’re not already a member, consider joining this prestigious community of your tax peers. You’ll get free CPE, access to rich technical content such as our Annual Tax Compliance Kit, a weekly member newsletter and a digital subscription to The Tax Adviser.