Preparing for the Aftermath

One thing businesses have earned when this pandemic got going and they had to restructure many aspects of their business was that in some respects they were not well prepared for such an occurance. They can be excused. Who could have foreseen it all?

One of the key areas where preparation could have been better for many companies was in the area of employees working at home. Security structures for home environments needed to be ramped up quickly, in order to protect key data such as customer information and sensitive transactions such as cash transfers in and out of bank accounts.

It’s never too early to start planning for the next time and for the changes that are likely to survive the current pandemic. This means doing things like improving support for offsite workers, with better transmission protocols and security for offsite transactions and data, instruct and provide tools for the staff to protect themselves from phishing attacks, lock down APIs, clean up code, review cloud architectures, and other similar steps. For more , check out this excellent article 

No time to Reduce Security

In the face of the pandemic, companies are cutting expenditures, and as often happens, it appears they are cutting expenditures on cybersecurity. “Gartner estimates a $6.7 billion decrease overall in global security spending in 2020 for software and services as a result of the economic impact of the pandemic, while Forrester Research has warned security teams to expect to see leaner budgets and trimming of their already-thin staffs.”

At the same time, increases in online business and offsite working have led to new security challenges. It seems the wrong time to be cutting cybersecurity expenses.

Part of the reason for the cuts is that companies are increasingly moving to cloud systems, and using cloud based security (SOC). This may not be a good thing. As companies outsource their security they tend to lose some control over it which presents a new set of issues. They may find they need to renew their security spending sooner than they thought.

Data Breaches No one is safe

by Donald E Sheehy, CPA, CA, CISA, CRISC, CITP/C

Effective November 1, 2018 businesses in Canada became subject to new mandatory breach reporting regulations under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA). Previously, data breach reporting was done on a voluntarily basis only.

Read more

CPA Founding Partner

Chartered Professional Accountants of Canada (CPA Canada), one of the largest national accounting organizations in the world, has chosen to become a founding partner of ThinkTwenty20.