APPROACHES TO SECURITY AND PRIVACY IN ACCOUNTING INFORMATION SYSTEMS: CURRENT AND FUTURE PERSPECTIVES
Keywords:
Data, Accounting Information Systems, PDPA, Cyber Threats
Abstract
In the digital era, where accounting information systems play a critical role in business operations, the risks related to data security and privacy have become a paramount concern for organizations. Cyber threats are increasingly complex and continuously evolving, making effective data management essential for building trust and enhancing organizational sustainability.
This academic article presents 1) the current situation and challenges related to data security and privacy in accounting information systems; 2) technological approaches to mitigate risks, such as data encryption, multi-factor authentication (MFA), and the Zero Trust Security model; 3) capacity building through cybersecurity training for personnel; 4) an analysis of compliance with relevant laws, including the European Union’s General Data Protection Regulation (GDPR) and Thailand’s Personal Data Protection Act (PDPA) B.E. 2562; and 5) strategies for cultivating a security-conscious culture within organizations alongside appropriate technological integration. The knowledge gained from this study can guide the formulation of policies or frameworks for effectively managing information security in accounting systems, reducing data breach risks, strengthening stakeholder confidence, and supporting sustainable business operations in the long term.
License
Copyright (c) 2025 Journal of interdisciplinary in Social Sciences and Education

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
This article is published under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License (CC BY-NC-ND 4.0), which allows others to share the article with proper attribution to the authors and prohibits commercial use or modification. For any other reuse or republication, permission from the journal and the authors is required.