The annual global cost of cybercrime is high and getting higher all the time. In fact, cyber criminals reap a windfall from their activities that is estimated to have been $450 billion in 2015 and is anticipated to climb to an annual $10.5 trillion average by 2025. In the United States alone, the FBI received reports of 880,418 cybercrime complaints involving $10.4 billion in 2023. Almost all of that cybercrime began with-and continues to start with-a social engineering concept known as "phishing."
Certain business organizations, among which are those referred to as "financial institutions," are charged by the FTC with taking particular steps to protect their customers' financial information. Included in the category of financial institutions are professional tax preparers. Professional tax preparers normally maintain a significant amount of taxpayer information in various files-electronic and paper-that would be a treasure trove for cyber criminals.
In this course, tax preparers are introduced to the problem of cybercrime and its costs, offered methods that can be expected to reduce the chances of becoming a cybercrime victim, and informed of proper steps to take if they do become victims of cybercrime. Accordingly, it will examine cybercrime and will discuss:
The extent of the cybercrime problem;
The potential costs to a tax preparer whose taxpayer data have been breached;
The best practices a tax preparer may implement to avoid becoming a cybercrime victim; and
What a tax preparer should do if its taxpayer data has been breached.
Learning Objectives
After completing this course, you will be able to:
Chapter 1
Identify the source of the most frequent type of malicious access to a firm's taxpayer information;
List the most common types of cyber attack;
Describe how a denial-of-service attack operates to impede business operations; and
Recognize the dangers of Trojan horses.
Chapter 2
List the principal federal laws and regulations governing the security of taxpayer information;
Understand the objectives and requirements of the Safeguards Rule;
Identify the notification requirements imposed by the Financial Privacy Rule; and
Distinguish between a customer and a consumer under FTC regulations.
Chapter 3
List the principal causes of a data breach involving customer records;
Identify the investigation and remediation activities normally undertaken by an organization following a data breach involving customer information;
Recognize the average costs of a data breach in the United States; and
Understand the probability of a business experiencing a data breach within the next 24 months.
Chapter 4
Recognize the function of a firm's Information Security Plan;
List the principal sections of an Information Security Plan;
Identify the role of an Information Security Plan's physical security procedures; and
Describe the elements comprising a firm's information and computer system.
Chapter 5
List the data use and retention areas generally vulnerable to unauthorized access of taxpayer information; and
Identify best practices for securing taxpayer information.
Chapter 6
Identify the steps that should be taken by a business to stop or limit additional data loss if a data breach has occurred involving its clients;
Recognize the need for a comprehensive communications plan;
List the entities that should be notified in the event of a data breach; and
Identify the additional protections that may be recommended if a data breach involves the compromise of clients' Social Security numbers.
Major Topics
The Nature of Cybercrime
Staying Current on Cyberthreats & Avoidance Strategies
The Gramm-Leach-Bliley Financial Modernization Act
Penalites for Unauthorized Disclosure or Use of Taxpayer Information
Data Breach
Probability of Experiencing a Data Breach
Ensuring Data Securing
Identifying the Risks and Their Impact
Recommended Practices
DOL Best Practice Guidance
When a Data Breach Occurs
Fix Vulnerabilities
Notify Appropriate Parties
