Harnessing Big Data and AI-Driven ERP Systems to Enhance Cybersecurity Resilience in Real-Time Threat Environments

Abstract

After studying the emerging paradigm shift about the complex global business environment, this paper aims to address gaps in the literature related to safe accounting information within continuously evolving cybersecurity environments. In the context of the digital transformation era, which is characterized by the confluence of big data and artificial intelligence technologies, which lead to effective enterprise resource planning systems, accounting and auditing research has hitherto somewhat overlooked the opportunities to utilize and harness such ERPs to produce timely and context-related safe accounting information, relative to specific organizations' operational conditions and enterprise specificities. Toward a generation of pertinent, not only but precisely tailored required accounting policies, procedures, and rules, we caution auditing researchers to take the lead to envision, evolve, and build required technological capabilities. We identify known threats and gaps and propose directions for auditing researchers to meet the challenges and contribute to future enhanced, required safe accounting information demand.

Given the recent emerging paradigm shift about the complex global business environment and, in particular, the unforeseen rapid spread of the pandemic, cybersecurity is changing fast with continuously evolving challenges. Enterprise resource planning systems can provide essential tools to use and re-use big data approaches that, with the integration of advanced data analytics and artificial intelligence technologies, present a prime driver of enhanced awareness about the state of the developing digital transformation era of individual organizations. In light of these technologies, when investing in the quality and effectiveness of the company's cybersecurity program, such technologies might help and assist managers and owners to significantly enhance resilience in defending the organization against cybersecurity risks but might raise fundamental concerns about the need, usability, and enforceability of safe accounting information, which is essential for the internal control system set up in an internal control reporting context. Given the recognition that the entities' information systems are a key internal control component that can be leveraged for effective control requires an appropriate accounting design, our review identifies known threats and gaps, and we propose directions to auditors, which are currently quite neglected in accounting research, to consider for future required independent assurance about the usability of the policies and procedures that are put in place by entity management to monitor, in real-time or near-real-time, the potential risks of the system posed by, among others, its employees and trust service providers, as well as special threat types comprised of advanced persistent tactics, techniques, and procedures.