‘Security Six’ shields tax pros from cyberattacks

August 22, 2024
1 min read



TLDR: The ‘Security Six’ protects tax pros against cyberattacks

Key points:

  • Data thieves are becoming more cunning, prompting the IRS and its partners in the Security Summit to outline six steps for tax practitioners to protect themselves.
  • The six steps include using the latest antivirus software, firewalls, multifactor authentication, backup software, drive encryption, and VPNs.

As cyberattacks targeting tax professionals continue to rise in sophistication, the Internal Revenue Service (IRS) and its partners in the Security Summit have identified six crucial steps practitioners should take to safeguard themselves against data breaches. According to IRS Commissioner Danny Werfel, tax professionals must prioritize security basics amidst the complex challenges of running a business and staying updated on tax law changes.

The ‘Security Six’ steps outlined by the IRS and its partners are as follows:

  1. Latest Antivirus Software: Tax professionals must regularly update their antivirus software to scan for malware patterns that cybercrooks continually update.
  2. Firewalls: Shield computers and networks from malicious web traffic and help block malware.
  3. Multifactor Authentication: Implement an additional layer of protection beyond passwords, as required by new FTC rules.
  4. Backup Software or Services: Routinely back up critical files on external sources to protect against cyberattacks, device failure, and natural disasters.
  5. Drive Encryption: Transform data into unreadable files to prevent unauthorized access.
  6. VPNs: Use virtual private networks to create encrypted tunnels for secure data transmission between remote users and company networks.

By following these security measures, tax professionals can significantly reduce their vulnerability to cyber threats and protect sensitive taxpayer information. Staying proactive in implementing and maintaining robust security practices is essential in the ever-evolving landscape of cybercrime.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and