Why Data Security Should Be Your Accounting Firm’s Top Priority in 2026: Seth Fineberg 

Data security has become a critical business priority for accounting firms, not just a technical concern. As cyber threats evolve and client expectations rise, safeguarding sensitive financial information is essential to maintain trust and credibility. 

According to a study by the University of Maryland, a cyber attack occurs every 39 seconds, translating into an average of 2,244 attacks per day, which means cyber threats are now continuous rather than occasional. 

Firms must now address key questions: How secure are our systems? Are we effectively protecting client data from modern threats? And how can we balance compliance, efficiency, and security in daily operations? 

Ace Cloud Hosting spoke with Seth Fineberg, an accounting industry consultant, content strategist, and speaker. With over 30 years of experience following the profession’s evolution, Seth has seen firsthand how firms are reshaping their services to stay relevant and responsive to client needs. 

In this expert Q&A, Seth Fineberg shares his perspective on why data security should be a top priority for accounting firms, including strategies, tools, and best practices that can protect client data while enabling business growth. 

Transcript: 

“Hi again, Seth Fineberg from Accountants Forward. Here to talk once again about one of the lingering issues that remains in the accounting profession, and quite possibly, in my view, one of the most important. I’m not a real technician. I’ve just been immersed in accounting and business technology for decades. And so, I understand the importance that data security has for all businesses.   

But I’m sure you’ve heard it time and time again as a practitioner, as a firm owner, if you’re in accounting. You are the keepers of some of the most sensitive data that’s out there. What are your client’s financials and your client’s information?  

Now, obviously, you need that for work and to do the most value-added things that you do, but your basic day-to-day, you need to work with this information. And you’ve been told for years about some rules on sharing it.   

There have been document management and data security platforms around for years. The main thing that you want to know about data security is to first and foremost have a plan for if and when a breach might actually happen.  

You also need to know what protocols are in place. So, for many, this is actually a formal document. That formal document is actually known as a Written Information Security Plan, or WISP, if you will. This is something that I believe the IRS itself is actually requiring that firms have several components to it. It literally is a written, the most basic level document that has qualified individuals’ risk assessment, inventory, and hardware document safety measures that are in place, and how you actually handle these things, at your firm, or how you would handle it also in a data breach.   

Also, specifically, just a general anecdotal word of advice. Don’t go to data security alone. Don’t go into thinking like, I did some research on this, and I’m checking the boxes, doing the right thing. There’s no such thing as we know as 100% safe, especially in the digital age. We also can’t just hide behind, I’ve all my data in my office and all my desktop, that’s just not going to cut it anymore.   

We need to stay connected. And even then, breaches can happen, even if things are supposedly secure, and then your environment. So, get with a managed security service provider, much like Ace Cloud Hosting. It’s one of the many things that they do and do pretty well by a lot of professional assessments out there, not just my own view, but this is just kind of what I know that I’ve heard and been told, and it’s been examined.  

Having a provider like that, having managed services in your corner, is worth every single penny. And you can shop around for such things, but by and large, having Peace of Mind, having a managed service provider on your side when it comes to data security cannot be stated highly enough.   

Knowing that you’re having the right things in place, having regular meetings also about this, even monthly, just kind of seeing where everyone is at. If everyone still have questions in your firm about whether they are doing things the right way? Because, as we’ve seen time and time again, the biggest risks inside your firm, unfortunately, are the people that work there. Someone might click on something wrong, you know, that they shouldn’t.   

So, we might share something in a way that they should not have. Things happen, and you have to know what to do when that happens. You also have to know what to do to prevent it. But having a WISP, or a managed service provider in your corner and really just doing what you can, it’s kind of level set in your firm. It’s going to protect that crucial data and also your firm for many years to come.” 

Subscribe to Ace Cloud Hosting today to receive expert content, practical advice, and thought-leadership insights that help businesses stay competitive, secure, and future-ready.