CFOs shouldn’t sit on the sidelines when it comes to cybersecurity, ETCFO

The Chief Financial Officer (CFO) has traditionally been responsible for managing a company’s finances and ensuring the financial stability of the organisation. However, with the increasing importance of technology and the growing threat of cyberattacks, the role of the CFO has evolved to include a greater focus on cybersecurity. Headlines about cyberattacks and data breaches have executive teams and boards of directors asking themselves what can be done to avoid winding up on the receiving end of a cyberattack.

One of the main ways in which the CFO’s role is changing is through a greater emphasis on risk management. Cybersecurity threats can have a significant impact on a company’s financial stability. In fact, CFOs in India say the most devastating consequences of cyberattacks are downtime and disruptions, damage to service and product quality, and loss of contractors and business opportunities. Yet, only 9% of India’s C-suite leaders say that their board of directors governs cybersecurity “very effectively”.

Collaborate with CISOs

The CFO’s role is to identify and mitigate financial risk and this is precisely why they need to join forces with CISOs to understand their organisation’s security risk and all financial costs that come with it. Currently, there exists a chasm between most CFOs and security teams when it comes to fortifying the organisation against cyberattacks. Recent data from PwC shows that only 4% of C-level leaders in India plan to be involved in the cybersecurity function — indicative of a gap in understanding the impact cyberattacks could have on their organisation’s reputation.

When CFOs become active members of cybersecurity teams, the rest of the C-suite can greatly reduce the risk of revenue loss with a well-developed cybersecurity exposure program. Collaboration between CFOs and CISOs can help create optimal resourcing and more accurate findings of the organisation’s cyber risk.

Budget cuts call for strategic investments

The CFOs of today and the future must be able to take financial data and use it to influence operational decision-making and strategise where to make the right investments. This calls for possessing many more skills than just the technical accounting background. CFOs may not be expected to comprehend the intricacies of cybersecurity technologies or their operations.

However, they must grasp the importance of implementing cybersecurity solutions and the specific contributions of new investments in addressing the exposure gap.

With rising interest rates, CFOs are concerned about cash flow and earnings, calling for selective investment and judicious utilisation of funds. Globally, 99% of organisations are preparing for budget cuts this year, which calls for making the right investments in cybersecurity as threat actors probe for the weakest link in the modern attack surface. Instead of investing in multiple point solutions that concentrate on individual security aspects and create data silos, opting for a unified exposure management platform would be more prudent. This can help the organisation comprehend the scope and depth of the attack surface – vulnerabilities, misconfigurations, attack path analysis including identity solutions, cloud configurations, deployments and web applications.

Symbiotic relationship between CFOs and CISOs

Cyber risk and financial risk are interconnected, rendering CFOs responsible for managing cyber risk. Data breaches are costly for companies and once India’s Digital Personal Data Protection Bill is enacted, there will be additional penalties that organisations will have to bear following a data breach. Given the high stakes, CFOs cannot do it alone and should partner closely with others who have a clear and vested interest in managing this risk, including CIOs and CISOs.

CFOs must consider cyber risk as a quantifiable metric of risk just like economic or environmental exposures. Following operational risk best practices and requesting regular reports that summarise the organisation’s progress in reducing risk can go a long way in bridging the exposure gap. The financial and business impact of cyber incidents calls for CFOs to be a part of the solution in establishing deterrence against threat actors to significantly reduce cyber risk.

Disclaimer: The views expressed are solely of the authors and does not necessarily subscribe to it. shall not be responsible for any damage caused to any person/organisation directly or indirectly.

  • Published On May 6, 2023 at 09:20 AM IST
