Your Business News

Cyberthreats and the rise of SOC 2

July 18, 2023

Authored by RSM Canada LLP

Joel A. Humphrey, CPA, CA shared this article

INFOGRAPHIC | July 18, 2023

Companies today face more frequent and sophisticated cybersecurity threats than ever before. And, according to our report on how the middle market continues to battle evolving cybersecurity risks:


of respondents have moved data to the cloud for security purposes

The RSM report finds that the threat of a breach is a major concern for all organizations.


of executives believed unauthorized users would attempt to access data or systems in 2023.


of middle market executives said their company had previously experienced a data breach.


of respondents had outside parties attempt to manipulate employees by pretending to be trusted third parties or company executives.

In this fraught cybersecurity environment, just reacting to security threats is no longer an option—companies must be proactive.

The challenge is: most companies rely on a variety of cloud services, and technology and automation solutions. While some have the bandwidth to handle their IT and security needs in-house, many companies are outsourcing to third-party service providers, making it difficult for leadership to get the operational insight needed—both internally and from their third parties.

In the RSM survey:

70% of respondents reported increased policy premiums.

Consistent with last year, only 2% saw a decrease in premiums.

Companies need cybersecurity information from third-party service providers to manage their business and respond to increased scrutiny from regulators, sales prospects and customers.

Service organization control (SOC) reports and the new SOC 2 reports can provide transparency into your operations or those of your service providers, including:


About infrastructure, software, people, procedures, data, and risk management.


Into security, availability, processing integrity, confidentiality, or privacy.


Of all the tests conducted and the related results.

Your company should consider proactively preparing SOC and SOC 2 reports because:

  • They replace or supplement what most regulators and customers would audit.
  • Many service providers are required to provide a SOC report to be considered a business partner.
  • Offering these reports can help your company gain a competitive advantage.

In the RSM report:


of middle market companies moved or migrated data to the cloud as a result of security concerns during the past year.

2 in 3

Two in three cybersecurity incidents involving system intrusions originate via an organization’s partners, according to Verizon’s 2022 Data Breach Investigations Report.


ISACA’s State of Cybersecurity Report finds that 63% of cybersecurity teams are understaffed.

Getting started with SOC and SOC 2 reporting

SOC reporting can be complex. While some companies can do these reports in-house, many companies can’t.

An outside advisor can help your organization:

  • Identify the most appropriate SOC report to provide control assurance to regulators, your customers, and other stakeholders.
  • Conduct a SOC readiness audit.
  • Prepare SOC reports.
  • Navigate the challenges of SOC reporting.

Let's Talk!

Call us at 1 855 363 3526 or fill out the form below and we'll contact you to discuss your specific situation.

  • Topic Name:
  • Should be Empty:

Source: RSM Canada
Used with permission as a member of RSM Canada Alliance

RSM Canada Alliance provides its members with access to resources of RSM Canada Operations ULC, RSM Canada LLP and certain of their affiliates (“RSM Canada”). RSM Canada Alliance member firms are separate and independent businesses and legal entities that are responsible for their own acts and omissions, and each are separate and independent from RSM Canada. RSM Canada LLP is the Canadian member firm of RSM International, a global network of independent audit, tax and consulting firms. Members of RSM Canada Alliance have access to RSM International resources through RSM Canada but are not member firms of RSM International. Visit for more information regarding RSM Canada and RSM International. The RSM trademark is used under license by RSM Canada. RSM Canada Alliance products and services are proprietary to RSM Canada.

FCR a proud member of RSM Canada Alliance, a premier affiliation of independent accounting and consulting firms across North America. RSM Canada Alliance provides our firm with access to resources of RSM, the leading provider of audit, tax and consulting services focused on the middle market. RSM Canada LLP is a licensed CPA firm and the Canadian member of RSM International, a global network of independent audit, tax and consulting firms with more than 43,000 people in over 120 countries.

Our membership in RSM Canada Alliance has elevated our capabilities in the marketplace, helping to differentiate our firm from the competition while allowing us to maintain our independence and entrepreneurial culture. We have access to a valuable peer network of like-sized firms as well as a broad range of tools, expertise, and technical resources.

For more information on how FCR can assist you, please call us at 1 855 363 3526

Important Notice:

FCR will now redirect you to CCH Portal where your FCR Client Portal login is located.

Share This