Abstract:
The migration of accounting information systems (AIS) from on-premise infrastructure to cloud-based platforms has transformed the way organisations record, process, store, and report financial data. Cloud-based accounting systems offer significant benefits, including cost efficiency, scalability, real-time data access, and simplified system maintenance. However, this transition also introduces a distinct and evolving set of cybersecurity risks that threaten the confidentiality, integrity, and availability of financial information. This paper examines the principal cybersecurity risks associated with cloud-based accounting information systems, including data breaches, ransomware attacks, insider threats, misconfigured cloud environments, insecure application programming interfaces, and third-party vendor vulnerabilities. It further explores the regulatory and compliance dimensions of cloud accounting security, including data protection regulations and audit implications, and reviews prevailing risk mitigation frameworks such as encryption, multi-factor authentication, access control, and continuous monitoring. Drawing on a synthesis of academic literature, industry reports, and regulatory guidance, the paper argues that effective cybersecurity risk management in cloud-based accounting environments requires an integrated approach combining technical controls, governance mechanisms, and organisational awareness. The paper concludes with recommendations for accounting professionals, auditors, and organisational leadership seeking to strengthen the security posture of cloud-based financial information systems.