Skip to main content

The 5 Rules of Cyber Security

Colm Owens  June 15, 2020

The 5 Rules of Cyber Security

Richard Jackson looks at the 5 rules of cyber security and highlights weaknesses that are common in accountancy firms.

The Irish Accounting & Tax Summit Virtual kicks off tomorrow is a fully interactive, live, virtual, event bringing Ireland’s top CPD speakers directly to your laptop, tablet or device.

The Irish Accounting & Tax Summit features 16 CPD sessions across 4 weeks giving you access to, up to 16 hours CPD across a range of core CPD topics. In addition, you will also get access to the event recordings and digital note packs.

Discover the full line up and register your seat here:

www.accountingandtaxsummit.com

rules of cyber security

Transcript of Video – The 5 Rules of Cyber Security

This transcript was created using AI and may contain some mistakes.

Straight into the rules. Number one, if there’s a vulnerability, it will be exploited. So if you’ve got a vulnerability in your practice, it will be exploited at some stage, no exceptions. Mmm. Hackers will attempt to hack anything. Yes. Well, they did review your accountancy practice. Think about your, your it infrastructure and any vulnerabilities, including the human beings.

Um, because if there’s a weakness, it will be exploited. There are no exceptions to that rule. Number two, everything is vulnerable in one way or another. So in the past, we might have been confident that that’s, uh, we weren’t, we were secure, uh, we were compliant and that we couldn’t be hacked. Uh, we can’t have that view anymore.

It must assume that everything is, uh, is potentially able to be hacked and we will be attacked and that we must prepare accordingly. So it’s not a question of if we’ll be attacked or if your accountancy practice will, will be hacked or attacked by a cybercriminal or malicious threat actors they referred to you will be. It’s just a question of when,

and you just need to be ready to make sure that you can, you can handle that when it happens. Rule number three Des and I had a chat about this subject before the webinar. And this is a huge subject. This is quite a deep subject because it gets into that the way that humans process and the way we are and what makes us different, uh,

humans trust, even when they shouldn’t, um, cyber crime relys completely on the fact that we trust what comes into our inbox or what we see genuine on the fact that it’s safe to click oil that we’ve bought and out of the box, uh, antivirus for 20 pounds. I mean, it’s going to be as strong as Fort Knox. It isn’t going to be,

uh, we trust the ears because the box says it’s going to be, um, so the strength and the uniqueness of human trust is also our greatest vulnerability. Um, so one of the greatest challenges for cyber security is how do we affect that and how do we change? The fact that human beings are generally non cynical and trusting. Um, we take things at face value.

So, uh, that’s, that’s a huge subject. That’s rule. Number three, rule number four with innovation comes the opportunity for exploitation. Um, a great example of this is in a doctor’s surgeries, where you go in and you, you know, maybe presented with a tablet to sign your name, your date of birth. Um, you’ve got someone like me standing behind you,

shoulder surfing, and I’m basically gathering all of your personal data. Uh, and then you go to the reception desk and they ask you your home address. So quite quickly, the innovation of making the sign in process quick and easy has actually increased the cyber risk. And that’s across that’s across the world. That’s across all, all environments our more connected. Lifestyle has made our lives more convenient,

but it’s come with what I call a dark plus one, which is the risk of cyber crime has increased. So he’s come with his dark friend basically. Um, and that’s something we need to be incredibly focused on, especially in accountancy, where there were, uh, technology and adoption is being forced upon your sector so heavily. Um, and security is not always in the mind that the providers of the software that you’re are you,

uh, being sold to by. So, um, it’s, that’s not their greatest priority. Their priority is to sell to you. The onus of responsibility for security is on you as well. Right? Europe rule number five, when in doubt, refer back to rule one. If your accountancy practice has a vulnerability, it will be exploited. That’s the main takeaway from the five rules.