Cybersecurity for Accounting Practices: Implementing and Maintaining an Effective Data Security Plan

Welcome! Strafford is now BARBRI! The expert courses you know from the trusted global leader in legal education.
Course Details
- smart_display Format
Live Online with Live Q&A
- signal_cellular_alt Difficulty Level
Intermediate
- work Practice Area
Accounting
- event Date
Monday, October 27, 2025
- schedule Time
1:00 p.m. ET./10:00 a.m. PT
- timer Program Length
110 minutes
-
BARBRI is a NASBA CPE sponsor and this 110-minute webinar is accredited for 2.0 CPE credits.
This webinar will discuss the common cyber threats to accounting practices and walk firms through the process of structuring a data security plan to safeguard client data and prevent data breaches.
Faculty

Mr. Ferrara is the Founder and CEO of Ferrara IT Services, a Managed IT and Cybersecurity provider supporting law firms, nonprofits, financial services, and healthcare organizations nationwide. With more than a decade of experience advising executives, he specializes in aligning technology with business goals—helping organizations modernize infrastructure, strengthen cybersecurity, and turn IT investments into measurable business value. Under his leadership, Ferrara IT has become a trusted partner for companies seeking to reduce technical debt, improve efficiency, and build resilience against cyber threats. Mr. Ferrara frequently speaks on risk management, compliance, and how strategic IT investments can drive organizational growth and security.

Mr. Leitheiser is the Senior Solutions Engineer and Head of Cybersecurity at Ferrara IT, where he leads the design and implementation of secure IT infrastructures for clients across highly regulated industries. With over 22 years of experience in enterprise IT, including service as a U.S. Army Chief Warrant Officer, Mr. Leitheiser brings deep expertise in Microsoft 365, Zero Trust architecture, and advanced cyber defense practices. He also holds a master’s degree in Cybersecurity Technology and top industry certifications such as CISSP and MCSE.
Description
The nature of data handled by accounting and tax practices makes these firms more susceptible to cybercrime. Ransomware, phishing, identity theft, and malware attacks are a few examples of how these firms are targeted. The dangers of an attack include a significant loss of income and time, but perhaps as damaging is the loss of customer trust.
Establishing an effective security plan is not only prudent, it is required by the Federal Trade Commission (FTC) and, for firms preparing tax returns, by the IRS. Resources are available to guide professionals through a risk assessment and implementation of a data security plan. Tax and accounting firms must implement an effective data security plan and monitor the system year-round.
Listen as our panel of data security professionals discusses the threats accounting firms encounter and the steps they should take to stay compliant and protect their firms.
Outline
I. Cybersecurity in an accounting practice: introduction
A. Why accounting firms get targeted
B. The evolving threat landscape
II. Understanding your risks
A. Identifying cyber risks specific to accounting firms
B. Data security requirements (IRS, FTC, PCI, etc.)
III. Core security controls
A. Implementing key technical controls
B. Implementing human controls
IV. Preparing for disaster
A. Backups
B. Incident response plan
C. Cyber Insurance
V. Governance and on-going risk assessment
VI. Resources
Benefits
The panel will help firms:
- Understand today’s top cyber threats targeting CPA practices
- Learn IRS and FTC data security requirements
- Gain insights into practical security controls and risk assessments
- Explore strategies for incident response, resilience, and cyber insurance
NASBA Details
Learning Objectives
After completing this course, you will be able to:
- Identify cyberattacks encountered by accounting firms
- Determine how to structure and implement an effective data security plan
- Ascertain how to handle a data breach
- Decide what components of a data security plan are required by the FTC and IRS
- Field of Study: Accounting
- Level of Knowledge: Intermediate
- Advance Preparation: None
- Teaching Method: Seminar/Lecture
- Delivery Method: Group-Internet (via computer)
- Attendance Monitoring Method: Attendance is monitored electronically via a participant's PIN and through a series of attendance verification prompts displayed throughout the program
- Prerequisite:
Three years+ business or public firm experience, preparing reviewed, compiled, and audited financial statements and the relative disclosures. Specific knowledge and understanding of GAAP, SSARS, and peer review policies.

Strafford Publications, Inc. is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of Accountancy have final authority on the acceptance of individual courses for CPE Credits. Complaints regarding registered sponsons may be submitted to NASBA through its website: www.nasbaregistry.org.
Unlimited access to premium CLE courses:
- Annual access
- Available live and on-demand
- Best for attorneys and legal professionals
Unlimited access to premium CPE courses.:
- Annual access
- Available live and on-demand
- Best for CPAs and tax professionals
Unlimited access to premium CLE, CPE, Professional Skills and Practice-Ready courses.:
- Annual access
- Available live and on-demand
- Best for legal, accounting, and tax professionals
Unlimited access to Professional Skills and Practice-Ready courses:
- Annual access
- Available on-demand
- Best for new attorneys
Related Courses
Recommended Resources
Gain a Competitive Edge Through Efficient CPE Strategies
- Learning & Development
- Business & Professional Skills
- Career Advancement