Hiring a Cybersecurity Professional?

Diane Glover

Feb 07, 2018

Fraud prevention

With the occurrence of cybercrimes affecting businesses increasing daily, many companies are looking for outside expertise to help them mitigate their risks. If your company has never engaged a cybersecurity professional before, you may be unsure of what to look for. The IRS suggests businesses use the following four steps when evaluating and selecting a cybersecurity professional:

1. Ask other business owners or professionals for recommendations and references. If you need a recommendation, contact us at 513-858-6040.

2. Keep trust at the forefront of your selection process. Since any cybersecurity professional you hire will have access to sensitive data and systems within your organization, it is essential that you feel comfortable granting such access to them.

3. When interviewing candidates, make sure you learn how much experience they have in data protection. The IRS suggests asking questions such as:

• How does ransomware work and what can we do to protect our systems?
• What are the best options to securely back-up data and why are those options the best?
• Do you have suggestions regarding the following: data encryption, malware, firewalls, disaster recovery and remote access tools?
• Have you ever created a security plan for a similar business?
• Can you do an assessment of my systems and processes to find vulnerabilities or weaknesses? If so, will you then provide recommendations to strengthen my security?
• Will you conduct security simulation tests with our staff?
• What resources do you have to provide continuous staff education regarding security?
• Will you provide ongoing monitoring of my systems as security threats evolve? If so, how often do you recommend changes?

4. Once you have identified the cybersecurity professional or firm that you wish to engage, make sure that you execute a written agreement or engagement letter to ensure both parties understand how you will be working together.

For businesses that do not have an internal resource to help them safeguard their sensitive data and computer systems, hiring an independent cybersecurity professional or firm can be a wise decision. If your business decides to engage this type of resource, use the steps above to help you find the right fit for your company’s unique needs.

About The Author

As the Manager of Practice Growth, Diane focuses on the market awareness and growth of Kirsch CPA Group…

Read More


Sign Up for Email Updates


Accounting & Financial News

Should Your Business Use GAAP Accounting?

It’s easy to understand why lending institutions and investors often require financial statements that comply with the standards of generally…

New Guide: Mastering Cash Flow to Drive Growth

Solid cash flow forecasting and management practices are fundamental to robust financial health and strategic decision-making, but they’re often overlooked…

An Overview of the Percentage of Completion Accounting Method for Construction Businesses

In the complex and sometimes chaotic world of long-term construction projects, many contractors find themselves struggling to…