The cost of data breaches for US companies exceeds $6 million, not including loss of reputation or negative media or customer attention. Imagine how devastating the impact can be, particularly for small CPA firms with fewer resources to manage their cyber or reputational risk. Clearly, a data breach is disruptive, but it is not time to reach for the panic button.
It’s critical, however, to have a response plan in place before an incident occurs. The plan should consider every possible scenario – and the role staff will play to keep that plan on track.
These are some key factors to consider:
- Assess priorities and risks based on what you know about the breach.
- Bring in forensic professionals to begin an in-depth investigation.
- Build an internal response team. Small CPA firms do not always have a Chief Information or Technology Officer, so senior management should be the first line of defense.
- Make sure to include legal, marketing, public relations and compliance in the mix.
- Communication is key. Focus on the right messages and how to share them with customers throughout the process using traditional and digital channels.
Our small firm RLI Privacy Protection Package for Accounting and Legal Professionals is designed for you. It provides access to information and sophisticated technical resources to help minimize data breaches – before you hit the panic button.
Click Here to learn how your company can manage data breaches and potential cyber threats.