Risks of cyberattacks on accounting: Analysis of modern threats and preventive measures

Abstract

The increasing digitalization of accounting systems has amplified vulnerabilities to cyberattacks, yet practical strategies to address sector-specific risks remain underexplored. This study explored prevalent cyber threats in the accounting industry, such as phishing directed at enterprise resource planning systems, unauthorized access utilizing mobile devices, and invoice fraud. The investigation was conducted in a manner that combined interviews with accounting and cybersecurity professionals and comparative case reviews of organizational practices. A statistical analysis showed that multi-factor authentication reduced cyber-attack likelihood by 58% while regular employee training reduced the risk by 37%. Organizations with combined Information Technologies (IT) and accounting teams took 40 percent less time resolving security incidents than organizations with separate departments. The results showed that mid-sized firms generally had poor preparedness, while bigger firms showed adherence to international security standards. They also highlighted the need for mandatory cybersecurity training, collaboration across departments, and strategic investments in adaptive security frameworks. Regulatory incentives for small and medium enterprises to adopt cost-effective mitigating safeguards are also a policy implication. The results help bridge theoretical cybersecurity models and real accounting practice by providing actionable advice on making operations more sustainable while mitigating the increasing threat of cyber incidents.