Whether you’ve had a breach or not – auditors are increasing their focus on your cybersecurity posture. This is because of the risk that a possible future cyber security event could cause a company’s financial statements to be materially misstated.
An article in Bloomberg Law says this increased scrutiny raises questions on how the risk of a future breach could impact financial statements.
But the article notes that the Public Company Accounting Oversight Board issued a statement saying that “[r]isks remain, however, that future cyber attacks may affect issuer financial statement reporting, and as a result, Inspections staff view this as an evolving risk area that requires ongoing focus.”
You may not be a public company, but if you wish to do business with one, that scrutiny could fall on you as a vendor. The same is true if you have regulated organizations as clients – such as healthcare, or financial services.
Increasingly, strong IT security practices – and the documentation of those practices – is a requirement in the marketplace. If you need help getting your IT security to a competitive level, give us a call!