{"id":114557,"date":"2023-10-12t12:55:10","date_gmt":"2023-10-12t16:55:10","guid":{"rendered":"\/\/www.g005e.com\/?p=114557"},"modified":"2024-08-27t17:00:58","modified_gmt":"2024-08-27t21:00:58","slug":"donny-shimamoto-a-data-breach-will-cost-you-plenty-directly-and-indirectly","status":"publish","type":"post","link":"\/\/www.g005e.com\/2023\/10\/12\/donny-shimamoto-a-data-breach-will-cost-you-plenty-directly-and-indirectly\/","title":{"rendered":"how much a data breach will cost you \u2013 directly and indirectly"},"content":{"rendered":"
<\/b><\/p>\n
for many, it could cost an entire business.<\/b><\/p>\n
by donny shimamoto as quickly as the irs detects cyber schemes, fraudsters come up with other attack vectors. many are funded by rogue nation-states, so they have more resources available to them than we do.<\/p>\n more: <\/strong>future firm growth requires a mindshift<\/a>\u00a0|\u00a0ai, ocr, nlp & cpas: oh my!<\/a> | accounting nerds, unlock your super powers<\/a> | early adopters gain an edge in audit<\/a> | dustin wheeler: for serious cas success, hire tech teams<\/a> | csr for cpas: the missing ingredient<\/a> | donny shimamoto explains how ‘agile’ applies to cpa firms<\/a> | staff retention for remote workers<\/a> | why the future is in risk advisory<\/a> | ready for non-cpa ‘cpa’ firms?<\/a> however, this doesn\u2019t mean that you can give up and let them run rampant. doing so leaves you vulnerable to litigation in the event of a data breach, and possible business disruption from ransomware.<\/p>\n <\/p>\n the bottom line is that the fraudsters have figured out that your firm has a treasure trove of taxpayer information. additionally, they\u2019ve realized that small tax firms aren\u2019t as sophisticated and often don\u2019t have strong cybersecurity measures in place. you must take steps to protect your firm and your clients.<\/p>\n understanding the cost of a data breach dealing with a data breach includes both direct costs and indirect costs. direct costs include those costs that you incur to investigate the data breach, minimize the consequences of the data breach and assist victims (your clients) in protecting themselves from potential fraud.<\/p>\n sometimes when i present at conferences about the cost of the data breach, the question comes up: \u201cwell, i have cyber-liability insurance. won\u2019t that cover everything? do i need to worry about these costs?\u201d the answer is yes. you still need to worry about these costs. the reason for this is that cyber-liability insurance will often cover the direct costs, but it doesn\u2019t cover the indirect costs.<\/p>\n and indirect costs often have a much greater impact \u2013 especially for smaller firms.<\/p>\n these include lost time of your staff and yourself in dealing with notifying customers and their resulting inquiries, time spent working with investigators and authorities, time responding to regulators and others who are ensuring the appropriateness of your response to the data breach, and also the potential loss of current and prospective clients. these indirect activities and costs can often be much more disruptive for small firms because firms are already stretched thin in staffing, and now you have to deal with the data breach plus continue normal operations. this is even worse if the data breach is discovered during busy season.<\/p>\n what triggers a data breach? generally, when there is unauthorized access to personally identifiable information (pii), a data breach is considered to have happened. originally pii was only defined as:<\/p>\n however, because of the increasing sensitivity of the public to privacy concerns and resulting legislative actions, the following is also often considered to be part of pii, too:<\/p>\n tax practitioners often have access to their client\u2019s tax information, bank account numbers and sometimes other personal information \u2013 especially if they are doing full financial planning for clients. so, be sure you understand which of the data you have must be protected and reported on if you have a suspected or actual data breach. yes, these requirements apply even if you only have a suspected data breach, too.<\/p>\n estimating the cost of a data breach<\/strong><\/p>\n what does it cost to deal with a data breach? according to the 2022 cost of a data breach report from ibm, it\u2019s $164 per record.<\/p>\n <\/p>\n <\/p>\n you can use this number to estimate your cost of dealing with a data breach. to estimate the impact of a data breach on your firm, count the following:<\/p>\n multiply the sum of the above by $164.<\/p>\n keep in mind the average cost above includes a wide range of organization sizes, so for small and midsized firms, i often recommend multiplying the number by two or three. this is because you won\u2019t have the economies of scale that the larger organizations will have in dealing with these data breaches.<\/p>\n in doing the math, you may realize that a data breach for you or your clients could easily cost no less than the very business that was created and breached in the first place. that in itself is worth going the extra mile to protect.<\/p>\n","protected":false},"excerpt":{"rendered":"
\ncybersecurity for accountants<\/em><\/p>\n
\n\u00a0exclusively for pro members.\u00a0log in here<\/a>\u00a0or\u00a02022世界杯足球排名 today<\/a>.<\/span><\/p><\/blockquote>\n
\n<\/strong><\/p>\n
\n<\/strong><\/p>\n\n
\n
\n
the chart above shows you the average cost per record that was involved in a data breach in the u.s. this cost has increased significantly in the last couple of years (over the pandemic), so it is even more important that you take proactive action to prevent a data breach from occurring.<\/h6>\n
\n