New rules from the Association of International Certified Public Accountants require prospective CPAs to choose one of three disciplines “to demonstrate deeper skills and knowledge,” according to the association’s CEO, Susan Coffey. One of those disciplines is cybersecurity as part of its ISC1: Information Systems and Controls exam, which will become available on January 1, 2024.
What will these new cybersecurity-trained accountants mean for the typical enterprise CISO? Accounting and security specialists point to two possible impacts: Give CISOs another way to fill those long-empty entry-level security positions; and help the CISO’s office to better articulate ROI benefits for key lines of business as well as for the CFO directly.