Quicklinks

  1. About Us

    Find out about who we are and what we do here at ICAS.

  2. Find a CA

    Search our directory of individual CAs and Member organisations by name, location and professional criteria.

  3. CA Magazine

    View the latest issues of the dedicated magazine for ICAS Chartered Accountants.

  4. Contact Us

    Get in touch with ICAS by phone, email or post, with dedicated contacts for Members, Students and firms.

ICAS launches a new cyber security hub

By Alice Telfer, Head of Business Policy and Public Sector

20 February 2023

In recognition of increasing concerns about cyber security, ICAS has set up a new online cyber security hub to help members navigate to relevant  resources.

The range of resources is primarily targeted at SMEs. In conjunction with cyber security specialist, Mitigo, the cyber security hub outlines:

  • Why cyber security is important
  • Cyber risks
  • The cyber risk management process
  • What to do if a cyber risk is identified
  • Links to further resources and where  find guidance.

Cybercrime is a serious and strategic risk for all organisations, regardless of their size. Cyber security is a board priority that should be amongst the top risks on the business risk register. It is not just a concern for IT.

Greater awareness and expertise will help you to manage cyber security effectively. Risk exposure is more pervasive than IT systems. It includes operational systems such as production, communications and physical security. Methods of attack are constantly changing and are becoming increasingly sophisticated. Your defences need to evolve to keep you protected, therefore, periodic assessment is important.

Cyber risk management

Mitigo explains the three key steps of cyber risk management:

  • Cyber assessment to help you assess your current risk and vulnerabilities.
  • Controls and defences to ensure your technology is safe and secure.
  • Periodic assessment including ongoing testing, assurance and support to keep you cyber secure.

The risks and vulnerabilities for accountants are varied, but commonly include the following:

  • Phishing attacks.
  • Unsecure remote workspaces.
  • Insecure and poorly configured cloud email accounts.
  • Inconsistent cyber and security training.
  • Supply chain weaknesses.

What happens if a cyber risk is identified?  

CAs have access to an emergency helpline offering support from cyber security specialists Mitigo. If you have either suffered or suspect you may have suffered, a cybersecurity incident, you will need to act quickly.

This helpline provides a rapid response, containment, and investigation service. They will assist you with reporting obligations to regulators, the Information Commissioner’s Office, ICAS and to your clients.

Additional resources

A key source of guidance comes from the UK Government’s National Cyber Security Centre (NCSC). They offer tailored guidance for large organisations, SMEs, public sector and technical experts.

ICAS has also published a range of resources and articles to help you:

  • Understand the essentials;
  • Find good practice including board toolkits, briefing packs, guides for small businesses and charities;
  • Locate guidance on how to identify and manage risks; and
  • Access training and cyber essentials certification.

Find out moreaccess the ICAS cyber hub and additional resources.

CyberScotland Week takes place from February 27 – 5 March 2023. Keeping everyone cyber aware and resilient is their mission, more information can be viewed on their website.

ICAS logo

Our cookie policy

ICAS.com uses cookies which are essential for our website to work. We would also like to use analytical cookies to help us improve our website and your user experience. Any data collected is anonymised. Please have a look at the further information in our cookie policy and confirm if you are happy for us to use analytical cookies: