Skip to Content
May 31, 2017 Article 1 min read
With cybersecurity threats on the rise, the AICPA has created a new attestation service to demonstrate the effectiveness of internal controls aimed at preventing and detecting these threats. Here’s what you need to know. 

 woman with glasses looking at technology

A rise in cybersecurity threats across all industries has caught the attention of boards of directors, executives, investors, and consumers alike.  After all, ransomware attacks and security breaches can cause business interruption, financial losses, and brand erosion; according to a recent study by the Ponemon Institute, the cost of an average data breach has now reached approximately $4 million.

That’s why the AICPA has created a new type of attestation service to demonstrate the effectiveness of internal controls aimed at preventing and detecting cybersecurity threats.  Called SOC (Service Organization Controls) for Cybersecurity, this new attestation service will (1) evaluate a company’s cybersecurity risk management program against a set of criteria or objectives and (2) leverage widely accepted cybersecurity frameworks to create a common language for reporting to stakeholders about the extent and effectiveness of an organization’s cybersecurity risk management program to increase stakeholder confidence.

Any organization can proactively leverage this new attestation. Be sure to partner with a firm that not only has the requisite cybersecurity expertise but also employs a holistic approach to evaluate people, processes, and technology. This is the best way to uncover your risk exposure to cybersecurity threats. 
Cybersecurity threats affect any business concerned about protecting the data, brand, intellectual property, and operating systems that allow them to efficiently run their enterprise.  For more information, give us a call. We can help.