CFOs: Is Your Cyber Security Ready For The Next Decade? Why It Must Matter To You
Research shows that the average cost of a data breach to an organization is $2.4 million. As Jeff Thompson of Forbes notes: “It is a price tag and a risk that could keep a CFO up all night.”
One of the top reasons CFOs should be creating heightened awareness about cyber risk is that 76% of cybercriminal activity is for the purpose of financial gain. In manufacturing alone, cyber-espionage and the theft of intellectual property drive 47% of all IT breaches. With 68% of those breaches taking months or longer to discover, it’s troubling to think about how much data has already been exposed to bad actors. Organized crime groups are behind 62% of external breaches.

No industry is immune to cyber risk, and CFOs will need to make sure their organizations continue to increase the quality and speed of their efforts. This will often mean that CFOs need to convince their CEOs and board members of the importance of security best practices. Given that most CFOs say their board engagement activities have risen from 24% to 42% in recent years, it’s apparent that they’re being given more opportunities to do so. The urgency is heightened by a Deloitte survey of CEOs and board members in which only 30% described themselves as highly engaged in developing their organization’s cyber strategy; yet such engagement is key to moving from identifying security threats and fixes to defining business impact, risk escalation steps, and organizational responses.

While it’s tempting to take comfort in current security processes, system admins have been shown to be the top internal people responsible for breaches, at 25.9% of the time. This matters all the more because databases are the top assets involved in breaches. In terms of sophistication, cybercriminals have advanced to the point that they’re fooling the highest levels of the organization. Often beginning with email attacks, they have exposed companies to breaches that defy belief. Phishing and pretexting represent a whopping 93% of social attack-based breaches.
99% of the attackers are external to the organization, and 59% of these are motivated by financial gain, with an additional 38% aiming at corporate espionage. The well-documented Verizon study showed that phishing is used as the lead strategy of a broader attack, followed by malware installation that gives criminals access to corporate data. Social breaches gain access to personal data 47% of the time, proprietary IP or secrets 25% of the time, and credentials that are then used to launch compromised-credential attacks 16% of the time. Thompson suggests three ways CFOs can have an impact on greater cybersecurity:
1. The first is to have a partnership with the head of IT. While CFOs used to confine themselves to finance, their influence over enterprise-wide controls has been expanding, so they can serve as a much-needed bridge between IT and other departments, including the C-suite. “Working across functions to manage risk is the hallmark of today’s CFO.”

2. Second, because CFOs are the ones estimating the financial impact of cyberattacks, defining strategies, and identifying where to commit resources to counter threats, they need to take center stage in the cyber threat solution.

3. Third, CFOs need to prioritize threats and decide how to deal with them. One obvious threat that needs attention is the fact that employees need access to data to do their jobs, which creates an inherent risk. CFOs need to partner with other executives to balance the needed access with appropriate security protocols to reduce the organization’s exposure to data breaches.