In advance of the transition to digital taxation, the UK200Group, the UK’s leading membership organisation for independent chartered accountancy and law firms, has set up a Digitalisation Taskforce, which will help its members to support their clients through the process.
A key priority of the Digitalisation Taskforce is keeping clients safe from cybercrime while they switch to digital tax.
With the majority of businesses in the UK using the internet, and many relying on it for finding customers, making payments and communicating, the risk of falling foul of cybercriminals has never been greater.
And with digital tax reporting required of many businesses from 2018 or 2019 (depending on their turnover), cyber security and safety are pushed even higher on the agendas of business owners, and the accountants who will help them through this historic change.
Jeremy Gardner is a senior accountant at Roffe Swayne and lead on cybercrime for the UK200Group Digitalisation Taskforce, who was impressed by the Government’s most recent provisions for cyber security in the UK.
In light of this and the move to digital taxation, he has provided an extensive comment on cybercrime and the switch to digital tax.
We are constantly reminded every day of the increasing role that technology plays in our lives, in many different ways. It is particularly encouraging to see the Government’s digital strategy, which will have far reaching consequences for businesses in the UK and in particular in the SME market.
There is arguably concern from some quarters that the strategy is simply rhetoric, however the seven strands referred to in the policy appear to show a real depth of understanding around the issues facing all businesses in the UK.
We are particularly encouraged by the plans to make the UK the best place to start and grow a digital business, to help already established business make the transition to the digital age and to make the UK one of the safest places to operate digitally, looking to build on an already enviable reputation.
The framework set out by the Government provides timely input into the UK200Group’s own Digitalisation Task Force which aims to assist its members and clients in making the transition into the digital age over the coming years.
But what can businesses do to protect themselves?
Often, it is social engineering that leads to problems as far as ransomware is concerned, because the delivery mechanism will always be an email being delivered or a website being visited. Therefore, people need to be educated not to click on suspicious links or open unsolicited attachments, and to be prepared to question suspect emails and, if necessary, escalate them.
Threats include infections such as CryptoWall, which aims to compromise a firm’s systems by locking them out, and then demand a ransom in order to restore the data.
The firm then has the choice between paying the ransom and attempting to rebuild its database from paper records.
Another common form of fraud is the ‘whaling attack’, or CEO fraud, in which an email is sent, purportedly, from the CEO or finance director of the company, generally to the finance department staff, asking them to make urgent money transfers otherwise risk losing some business. The email proves to be fake and the money is lost.
This demonstrates how the relatively new social engineering element is a huge threat for businesses. People in business naturally want to help colleagues and provide information and this is the thing that is being exploited. The fundamental problem is that people just aren’t aware of the risks.