e-ISSN 2518-1181
DOI 10.33146/2518-1181
Online Media ID R40-06293
← Back Published: 30.05.2026

The Impact of Cyber Risks on the Functioning of the Accounting System and Their Management

Authors

Tetyana Demchenko Uman National University, Uman, Ukraine ORCID 0000-0002-7471-540X

DOI:

https://doi.org/10.33146/2518-1181-2026-2(112)-44-52

Abstract

The rapid digitalization of accounting and the growing reliance of accounting systems on information and communication technologies increase their vulnerability to cyberattacks, data leakage, unauthorized access, and the compromise of the integrity of financial information. Therefore, the development of effective approaches to identifying, assessing, and managing cyber risks is particularly relevant to ensure the continuity of the accounting system, the reliability of reporting, and the protection of accounting data. The article aims to reveal the impact of cyber threats on the enterprise's accounting system and to substantiate approaches to managing cyber risks in the context of the digitalization of management. This study is based on accounting information systems and a risk-based approach to managing cyber risks. From this point of view, accounting systems are integrated information environments where the processing of financial data depends on cybersecurity mechanisms and IT management. The study also applies the concept of cyber risk management, which integrates cybersecurity into corporate governance and internal control systems. Accordingly, cyber risks are interpreted not only as technical threats but also as structural factors that affect the reliability of financial reporting and decision-making processes. The article offers an overview of modern cyber risks, analyzing the trends of their evolution and spread. The results of the study show that effective cyber risk management requires an integrated approach that combines technical means of information protection, organizational measures, and improvements to the internal control system. Therefore, enterprises should integrate cybersecurity principles into the accounting system to ensure the integrity and reliability of financial information. The results of the study serve as a basis for improving risk management approaches to enhance information security for enterprises.

Keywords

cyber risks, accounting, risk management, digitalization, cybersecurity, information security, financial reporting, internal control, accounting information systems
References
  1. Chowdhury, M., Rahman, M., & Islam, S. (2022). Cybersecurity integration framework for accounting information systems: A risk-based approach. Journal of Cybersecurity and Digital Accounting, 6(2), 127–139. https://doi.org/10.54660/IJMOR.2022.1.1.127-139
  2. Cognyte. (2025). 2025 Threat Landscape Report: Global trends in cyberattacks, ransomware and stolen credentials. Retrieved from: https://www.businesswire.com/news/home/20250410430200/en/Cognyte-2025-Threat-Landscape-Report-Reveals-Global-Trends-in-Cyberattacks-Ransomware-and-Stolen-Credentials
  3. Cram, W. A., Wang, J., & Yuan, X. (2023). Cybersecurity in accounting information systems: A framework for risk governance. International Journal of Accounting Information Systems, 48, 100598. https://doi.org/10.2308/JETA-2020-081
  4. Monteiro, J., & Cepêda, C. (2021). Accounting information systems: Scientific production and trends in research. Systems, 9(3), 67. https://doi.org/10.3390/systems9030067
  5. Muravskyi, V., Pochynok, V., & Farion, V. (2021). Classification of cyber risks in accounting. Visnyk Ekonomiky, 2, 129–144. https://doi.org/10.35774/visnyk2021.02.129
  6. NCC Group. (2024). Annual Cyber Threat Monitor Report 2024. Retrieved from: https://www.nccgroup.com/newsroom/ncc-group-releases-annual-cyber-threat-monitor-report-2024/
  7. Prokofieva, O. V., & Bespalova, Yu. Yu. (2024). Cyber risks and their management in the context of globalization and digital transformation. Efektyvna Ekonomika, 5. http://doi.org/10.32702/2307-2105.2024.5.87
  8. Radware. (2025). Cyber threat report: Web DDoS attacks surge 550% in 2024. Retrieved from: https://www.nasdaq.com/press-release/radwares-cyber-threat-report-web-ddos-attacks-surge-550-2024-2025-02-26
  9. Sigaiev, A., & Volovyk, A. (2017). Botnets: methods of detection and counteraction. Legal, Regulatory and Metrological Support of Information Protection System in Ukraine, 1(33). Retrieved from: http://pnzzi.kpi.ua/article/view/169410
  10. State Service of Special Communications and Information Protection of Ukraine. (n. d.). 60% of cyberattacks start with phishing: time to increase vigilance. Retrieved from: https://cip.gov.ua/ua/faqs/60-kiberatak-pochinayetsya-z-fishingu-chas-pidvishiti-pilnist
  11. State Service of Special Communications and Information Protection of Ukraine. (2025). CERT-UA in 2025 processed almost 6,000 cyber incidents: number of hostile attacks increased by 37%. Retrieved from: https://cip.gov.ua/ua/news/cert-ua-u-2025-roci-opracyuvala-maizhe-6000-kiberincidentiv-kilkist-vorozhikh-atak-zrosla-na-37
  12. State Service of Special Communications and Information Protection of Ukraine. (2024). The vulnerability detection and cyber incident response system of the Data Protection Center helped identify and process 1,042 cyber incidents in 2024. Retrieved from: https://www.cip.gov.ua/ua/news/sistema-viyavlennya-vrazlivostei-i-reaguvannya-na-kiberincidenti-ta-kiberataki-dckz-dopomogla-viyaviti-ta-opracyuvati-1042-kiberincidenti-u-2024-roci
  13. State Service of Special Communications and Information Protection of Ukraine. (2023). In 2023, the number of registered cyber incidents increased by 62.5%: report of the Operational Center for Cyber Incident Response. Retrieved from: https://cip.gov.ua/ua/news/2023-roku-kilkist-zareyestrovanikh-kiberincidentiv-zrosla-na-62-5-zvit-operativnogo-centru-reaguvannya-na-kiberincidenti-dckz
  14. State Service of Special Communications and Information Protection of Ukraine. (2022). Statistical report on the results of the Vulnerability Detection and Cyber Incident Response System in 2022. Retrieved from: https://scpc.gov.ua/uk/articles/233
  15. State Service of Special Communications and Information Protection of Ukraine. (n. d.). List of cyber incident categories. Retrieved from: https://www.cip.gov.ua/ua/news/perelik-kategorii-kiberincidentiv
  16. Struk, N. (2026). Assessment of cybersecurity of accounting information in the innovative activities of agricultural enterprises. Oblik i finansi, 1(111), 57–70. https://doi.org/10.33146/2518-1181-2026-1(111)-57-70
  17. Vavilenkova, A. (2024). Threats of using cloud services in cybersecurity. Cybersecurity: Education, Science, Technique, 2(26), 409–416. https://doi.org/10.28925/2663-4023.2024.26.704
  18. Verkhovna Rada of Ukraine. (2023). Term “DDoS attack”. Legislation of Ukraine. Retrieved from: https://zakon.rada.gov.ua/laws/term/61603
  19. Zhang, C., Zhu, W., Dai, J., Wu, Y., & Chen, X. (2023). Ethical impact of artificial intelligence in managerial accounting. International Journal of Accounting Information Systems, 49, 100619. https://doi.org/10.1016/j.accinf.2023.100619