Finance and Accounting Professionals and Cybersecurity Awareness

Published date01 January 2018
AuthorJohn A. Pendley
Date01 January 2018
© 2018 Wiley Periodicals, Inc.
Published online in Wiley Online Library (
DOI 10.1002/jcaf.22291
Finance and Accounting Professionals
and Cybersecurity Awareness
John A. Pendley
Good cyberse-
curity practices
are just common
sense. If you’re
walking on the
street in a bad
area, you know to
be smart—don’t
flash your watch,
and protect your
wallet. Do the
same thing with
your company’s
Don’t leave key
data unprotected.
Educate yourself
and everyone who
works with you.
If everyone knows
that security is
part of them,
they won’t click
on the phish-
ing link—they
won’t let the bad guy
in. (Thomas Pageler,
information security
executive, in an address
at the AICPA CFO
Conference, Denver,
CO, May 2015)
The popular and business
press devote considerable atten-
tion to cybersecurity stories.
The big data breaches and mal-
ware outbreaks are covered in
detail by the big news networks
and influential newspapers. We
are told by the major
news outlets that
cyber criminals are
lurking everywhere
in “cyberspace,” and
that their cunning is
overwhelming and
unstoppable. The
smallest gap can be
exploited, putting
at risk major pools
of assets and the
identities of anyone
who uses an Internet
browser. And the
worst of it all is that
the average citizen
is powerless to do
much about it.
This is not the
type of awareness
that is cultivated in
this article. Rather,
the article covers
active ways that
financial profession-
als can make practi-
cal improvements in informa-
tion security. Certainly, the
points covered below would
not stop a major breach, and
this advice is certainly inap-
propriate and insufficient
for highly sensitive national
In this article, the author shows how financial
professionals can become involved in creating
more secure information technology (IT) envi-
ronments. It is certainly beneficial to know the
facts surrounding large security breaches and to
have a basic understanding of the consequences
of security problems. But accountants should
move beyond that level of factual knowledge and
engage in proactive thinking about security issues
in their organizations and, ultimately, translate
this thinking into actions that can help thwart
cyber criminals. The ideas presented in this article
can be implemented by anyone in a managerial
or administrative role and include fundamental
behaviors, organizational policies, and software
tools that can help identify and prevent common
threats from illegal cyber activity. While the article
concentrates on basic security solutions, guidance
is also presented on additional steps to take when
the organization is ready to move to higher levels
of sophistication and maturity in cybersecurity
awareness. © 2018 Wiley Periodicals, Inc.
Editorial Review

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT