Consulting with a cybersecurity professional should be a top priority for tax businesses to protect their clients’ data. Tax preparers deal with a large amount of sensitive information including social security numbers, bank account numbers, EINs, etc. This makes them perfect targets for cybercriminals whose main objective is to file fraudulent tax returns.
“As cybercriminals become more sophisticated, efforts must be made to protect key sensitive information. It is no longer acceptable to believe that living in anonymity will protect you from data breaches.” – Keith Hamasaki, CPA, Assurance and Advisory Director
Each week, the IRS receives reports from tax professionals who experienced data theft,1 therefore, the IRS recommends working with a cybersecurity professional to safeguard clients’ data.
They have provided some tips on the selection process:
- Ask for recommendations
- Be selective
- Do interviews
- Make sure to sign an agreement or engagement letter outlining the terms of your request
The KROST Assurance and Advisory team is equipped with the tools and knowledge to perform cybersecurity risk assessments. Keith Hamasaki, Steve Chhuor, and Mara Garcia are all certified by the AICPA after completing their Cybersecurity Advisory Services Certificate Program. KROST can advise on the implementation of a cybersecurity risk management program for businesses after a thorough assessment.
Contact our Assurance and Advisory team if you are interested in conducting a cybersecurity risk assessment for your business.
1 Identity Theft Information for Tax Professionals (https://www.irs.gov/identity-theft-fraud-scams/identity-theft-information-for-tax-professionals)