July-August 2024

Flipbook

In this issue:

July 01, 2024

Spotlight on Cyber Insurance

Cyber Insurance: What It Is, How It Works and Why You Need It

Every 40 seconds, a cyberattack occurs somewhere in the world. In the average time it takes to read this article, 10 to 15 attacks will have happened on global networks and servers. That equates to 2,220 global attacks per day, according to Security Magazine1. That’s more than 800,000 a year.

Not only is the frequency of attacks on the rise, so is the cost. IBM estimated the average global cost of a data breach to be $4.45 million2. That marked a 15% increase over three years.

The damage adds up quickly. Victims of cyberattacks incur many of the following expenses:

  • Infrastructure damage;
  • Incident communication to clients, employees and stakeholders;
  • Identity restoration for impacted parties;
  • Network interruption;
  • Lost revenue;
  • Inability to fulfill contracts;
  • Security enhancements;
  • Litigation costs and attorney fees;
  • Regulatory penalties;
  • Loss of intellectual property and clients;
  • Ransom payments to hackers.

Big or Small, Hackers Attack All

The IBM report also noted the financial sector ranked second in sustaining damage from attacks. Only health care suffered more. Accounting Today reported a 300% increase in cyberattacks on accounting firms3 since the start of the COVID-19 pandemic in 2020.

Hackers target accounting firms of all sizes. The following incidents have occurred.

Last year, three of the Big Four accounting firms were among 500 targets of a global ransomware attack4In November 2022, a Minnesota accounting firm with 270 employees suffered a breach5 that compromised Social Security numbers and other sensitive data. Last year, Accounting Today6 reported a malware attack on a small CPA firm in Georgia. An employee clicked a malicious link, encrypting the firm’s data. They paid a $450,000 ransom to recover their files.

Most small and medium-sized businesses could only survive for a week7 if they suffered a severe cyberattack. Accounting firms no longer have to assume all of the risk.

How Cyber Insurance Works

Cyber insurance, also known as cyber risk or cyber liability insurance, is a fairly new type of standalone policy covering losses from cyberattacks, including breaches or losses of confidential information.

Firms can recover some or all costs from a cyberattack, depending on the policy terms. This insurance requires regular premium payments, and firms can file a claim with the insurer if their network or digital assets are attacked.

A typical cyber insurance policy provides coverage in the following four key areas.

Incident Response covers the costs of dealing with a cyber incident, including forensic investigations, data recovery, legal advice, notification expenses, and public relations efforts.

Business Interruption aids businesses in recovering financial losses from cyber incidents that disrupt normal operations, such as ransomware attacks that shut down critical systems or data breaches causing downtime.

Cybercrime coverage protects businesses from financial losses due to cybercrimes, including social engineering scams, fraudulent wire transfers, funds transfer fraud, and extortion.

Privacy Liability helps businesses cover costs related to legal fees, settlements and damages resulting from data breaches or other privacy incidents that expose sensitive customer or employee information.

Standalone vs. Endorsements

Cyber coverage is often added as a rider to business or property insurance policies. However, these endorsements don’t offer the extensive protection and higher coverage limits of standalone cyber policies. A dedicated cyber insurance policy provides broader coverage for the risks CPAs face, including both first-party and third-party attacks.

First-party and Third-party Coverage

First-party attacks target an accounting firm’s network directly, while third-party attacks occur through another party, such as a client or vendor.

Cybercriminals are not unlike a run-of-the-mill burglar, who continuously searches for weak entry points. In the cyberworld where everything is connected by a network of wires, servers and clouds, a firm’s most vulnerable point is often a third party’s network.

Third-party coverage is crucial for CPAs, as hackers can use breached firm data to target clients, causing financial harm. This coverage helps with attorney costs to defend the firm, crisis management and public relations, settlement costs, court-ordered damages if the firm is found liable, regulatory inquiry responses, and government fines and penalties.

How Coverage is Underwritten

The higher the risk to the insurer, the higher the cost. Cyber insurance carriers evaluate risk based on the following factors.

Industry. High-risk industries like health care, legal and financial services are prime targets due to the sensitive data they store.

Company size. Larger companies have more network entry points.

Annual revenue. Higher revenue makes a company a bigger target for cybercriminals, especially for ransomware attacks. Revenue also indicates the potential financial impact of a breach.

Strength of security measures. Cyber insurance companies assess a company’s security measures, including:

  • Enforcement of MFA, encryption, patch management, backups, email filtering, and endpoint protection;
  • Secondary communication methods for validating fund transfers;
  • Document retention and disposal policies;
  • Access controls and password requirements;
  • Security testing procedures;
  • Effectiveness of employee cybersecurity training programs.

The Benefits of Buying Group Coverage

Due to rising risks and claims, cyber insurance premiums have surged. Purchasing coverage through a professional association like TXCPA can benefit members in a number of ways:

  • Competitive pricing;
  • Expert advice;
  • Access to multiple carriers, including A+ rated insurers;
  • Free, personalized risk assessments.

Click here to learn more about the TXCPA-endorsed cyber liability insurance plan.

A Vital Tool

Cyber insurance is a vital tool for accounting firms to protect themselves from the potential financial and reputational impacts of cyberattacks. Accounting firms should evaluate their cyber risk exposure, compare different cyber options and select the policy that best suits their needs and budget. By doing so, firms can enhance their cyber resilience, confidence and competitiveness in the digital age.

Why choose the TXCPA Member Insurance Program?

  • Coverage designed for professionals and their families.
  • Exclusive member rates from top-rated carriers.
  • Your participation supports the mission of the Texas Society of CPAs.
  • Learn more at txcpainsure.org or call us at 800-428-0272.

Protect What Matters Most with TXCPA Member Insurance

Safeguard your family, property and career with TXCPA Member Insurance. Our association-endorsed insurance offers value and reliability you can trust.

Footnotes

1. Fox, Jacob. “Top Cybersecurity Statistics for 2024.” Cobalt, Dec. 8, 2023. www.cobalt.io/blog/cybersecurity-statistics-2024

2. Cost of a Data Breach Report 2023. IBM, Overview Page. Referenced on May 9, 2024. www.ibm.com/reports/data-breach

3. Salman, Gary. “The rise of cybercrime in the accounting profession continues.” Accounting Today, Aug. 24, 2020. The rise of cybercrime in the accounting profession continues

4. Schappert, Stefanie. “Deloitte joins fellow Big Four MOVEit victims PWC, EY.” Cybernews, Nov. 15, 2023. https://cybernews.com/security/deloitte-big-four-moveit-pwc-ey-clop/

5. Phillips Erb, Kelly. “Big Four Accounting Firm Deloitte Confirms Cyber Attack. Forbes, Sept. 26, 2017.

6. Kelly, Sav. “Brady Martz & Associates faces four class-action complaints for 2022 data breach.” Grand Forks Herald, accessed from Yahoo!, Sept. 23, 2023.

7. Gaetano, Chris. “Cybersecurity for CPAs: One expensive click.” Accounting Today, April 12, 2023. www.accountingtoday.com/list/cybersecurity-for-cpas-one-expensive-click

 

Thanks to the Sponsors of Today's CPA Magazine

This content was made possible by the sponsors of this issue of Today's CPA Magazine:

 
Accounting Biz Brokers Accounting Practice Sales CPA Charge Goodman Financial PAS.Professional Accounting Sales Poe Group Advisors

 

May-June 2026

Flipbook

In This Issue

  • TXCPA Strategic Plan

    Building What’s Next: TXCPA’s 2025-26 Year in Review

    TXCPA’s 2025–26 Year in Review highlights how the organization is responding to rapid change in the accounting profession through a clear strategic vision focused on people, innovation and advocacy. Key efforts include new programs, enhanced CPE and learning through AcctoFi, and technology and chapter integration initiatives. The year also marked major legislative wins, positioning Texas as a national leader.
    View Article

  • CPE: Option-Based Contracts and Foreign Currency Transactions

    This article covers option-based contracts in foreign currency transactions and their treatment as derivatives under ASC 815. It highlights how options differ from forwards and futures, outlines call and put options and their accounting implications, defines key derivative terminology, and illustrates how FX options can hedge one-sided currency risk while preserving upside potential.
    View Article
    Underlyings
  • volunteer leadership

    Celebrating Progress. Shaping What’s Next.

    This issue of Today’s CPA reflects on TXCPA’s achievements during the 2025–2026 membership year while looking ahead to the future. It highlights advocacy successes, profession updates, expanded education offerings, technology investments, and strong member and volunteer engagement. As the year closes, members are encouraged to stay engaged and help shape what’s next.
    View Article

  • CARB vs. No-CARB – The California Climate Accountability Package

    California’s Climate Accountability Package significantly expands corporate climate disclosure requirements, mandating detailed greenhouse gas emissions reporting and climate‑risk analysis for companies doing business in the state. Ongoing legal challenges remain, but enforcement timelines are intact, placing growing responsibility on companies and CPAs to manage data quality, Scope 3 estimates and audit‑ready disclosures.
    View Article
    Scope 1, 2 and 3 emissions
  • Pro Bono Services

    Justice for Fraud Victims Project: Bridging the Justice Gap in Financial Fraud

    The Justice for Fraud Victims Project (JFVP) is a national program that delivers free forensic accounting and fraud investigation services to vulnerable individuals, small businesses and nonprofits. With partnerships among universities, anti-fraud professionals and law enforcement, they help uncover financial crimes and educate future forensic accountants. The model is expanding, including a new program at Lubbock Christian University.
    View Article

  • A Refresher on Auditor Independence: Best Practices Every CPA Should Know

    Auditor independence is essential to maintaining trust in the accounting profession, requiring both objectivity and the appearance of impartiality. Common threats - such as self-interest, self-review and familiarity - continue to lead to violations. Strong firm policies, ongoing training and effective use of technology are key to preventing these issues.
    View Article
    Quality Control Systems
  • Xero

    After QuickBooks Desktop: What CPAs Need to Know Now

    This article outlines the key implications of QuickBooks Desktop's phased discontinuation, including service discontinuation risks, operational failures, backup and archival strategies, migration challenges, and alternative accounting platforms. It also provides guidance for CPAs to take a proactive approach to managing and executing client migrations.
    View Article

  • Are Municipal Bond Investors Sitting on a Ticking Tax Bomb?

    Tax‑exempt municipal bonds purchased at deep discounts can quietly trigger ordinary income taxation under the IRS de minimis rule, eroding after‑tax returns and creating surprise tax bills at maturity. By comparing after‑tax “true yield” and proactively swapping discounted bonds for higher‑coupon alternatives, CPAs and financial advisors can help clients defuse a hidden tax bomb and improve portfolio outcomes.
    View Article
    Tax‑Exempt Securities
  • Quantum Computing

    Risks, Realities and the Evolving Role of CPAs Auditing Emerging Technologies

    Emerging technologies are reshaping auditing by embedding automation, advanced analytics and decentralized systems into core business processes. While these tools improve efficiency and insight, they introduce new risks that challenge traditional audit approaches. CPAs must adapt methods, rely more heavily on professional judgment, and uphold independence and integrity to sustain trust in financial reporting.
    View Article

  • What’s Happening Around Texas - May-June 2026

    TXCPA chapters across Texas are making an impact through service, networking and professional development. Recent highlights include volunteer and scholarship efforts in Austin, community engagement and member meetups in Dallas, student outreach and advocacy in East Texas, and career-focused events in Houston that strengthen connections within the accounting community.
    View Article
    volunteer advocacy
  • volunteer leadership

    Advocacy Update – Elections and the 2027 Legislative Session are Right Around the Corner

    TXCPA is preparing for the 2027 Texas legislative session as the 2026 elections shape the political and policy landscape. Key focuses include monitoring election outcomes, emerging legislative issues and national deregulation efforts that could impact CPA licensure and practice, while encouraging continued member engagement and advocacy.
    View Article

  • Why Positioning Matters More Than Ever for CAS Firms

    Client advisory services deliver the most value when firms clearly define who they serve and which problems they solve. Clear positioning enables standardized workflows, repeatable service offerings and more predictable growth.
    View Article
    Service differentiation
  • Word Challenge

    Take Note

    In this edition of Take Note: Renew Your TXCPA Membership; Accountants Confidential Assistance Network (ACAN); 2026 CPE Programs; Word Game - Positioning That Powers Growth
    View Article

  • Classifieds

    The Classifieds section of Today's CPA provides a one-stop destination to find practices for sale, connect with buyers, and access services that support growth, transition and market expansion.
    View Article

CHAIR
Mohan Kuruvilla, Ph.D., CPA

PRESIDENT/CEO
Jodi Ann Ray, CAE, CCE, IOM

CHIEF OPERATING OFFICER
Melinda Bentley, CAE

EDITORIAL BOARD CHAIR
Jennifer Johnson, CPA

MANAGER, MARKETING AND COMMUNICATIONS
Peggy Foley
pfoley@tx.cpa

MANAGING EDITOR
DeLynn Deakins
ddeakins@tx.cpa

COLUMN EDITOR
Don Carpenter, MSAcc/CPA

DIGITAL MARKETING SPECIALIST
Wayne Hardin, CDMP, PCM®

CLASSIFIEDS
DeLynn Deakins

Texas Society of CPAs
14131 Midway Rd., Suite 850
Addison, TX 75001
972-687-8550
ddeakins@tx.cpa

 

Editorial Board
Derrick Bonyuet-Lee, CPA-Austin;
Aaron Borden, CPA-Dallas;
Don Carpenter, CPA-Central Texas;
Rhonda Fronk, CPA-Houston;
Aaron Harris, CPA-Dallas;
Baria Jaroudi, CPA-Houston;
Elle Kathryn Johnson, CPA-Houston;
Jennifer Johnson, CPA-Dallas;
Lucas LaChance, CPA-Dallas, CIA;
Nicholas Larson, CPA-Fort Worth;
Anne-Marie Lelkes, CPA-Corpus Christi;
Bryan Morgan, Jr, CPA-Austin;
Stephanie Morgan, CPA-East Texas;
Kamala Raghavan, CPA-Houston;
Amber Louise Rourke, CPA-Brazos Valley;
Shilpa Boggram Sathyamurthy, CPA-Houston, CA
Nikki Lee Shoemaker, CPA-East Texas, CGMA;
Natasha Winn, CPA-Houston.

CONTRIBUTORS
Melinda Bentley; Kenneth Besserman; Kristie Estrada; Holly McCauley; Craig Nauta; Kari Owen; John Ross; Lani Shepherd; April Twaddle; Patty Wyatt