TAX2612. Beyond the WISP: Building a Living, Breach-Ready Cybersecurity Plan

Having a Written Information Security Plan (WISP) is a legal requirement for tax professionals — but in today’s threat environment, simply checking the box isn’t enough. This session brings together a data breach survivor and an IRS insider for a gripping exploration of what it truly takes to protect your firm from evolving cyber risks.

While templates and boilerplate language may technically satisfy compliance, they often leave firms dangerously exposed — to attackers, regulatory scrutiny, denied insurance claims and reputational damage. Through compelling storytelling, expert guidance and real-world examples, you’ll discover how to:

• Transform your WISP from a static document into a living cybersecurity blueprint
• Create a culture of security accountability across every level of your firm
• Prepare your team to serve as a resilient first line of defense—not a weak link
• Avoid common mistakes that can void cyber liability insurance coverage
• Establish safeguards for secure data sharing with third-party vendors and partners
• Learn more about emerging scams and threats aimed at professionals like you.

This session is ideal for firm owners, compliance officers and security leads who want to operationalize their WISP into a practical, breach-ready strategy. It also equips all professionals — regardless of their role — with a deeper understanding of WISP components and how to integrate them into day-to-day practice