With recent hacks and changes to regulations, cybersecurity is at the top of every agenda as the volume of cyber attacks doubled throughout the first half of 2017. The typical FTSE 100 firm loses on average £120m after a cybersecurity breach. The risks are even greater for startups & SMEs; 60% of smaller companies go out of business within six months of a breach. Startups are a lucrative target for cybercriminals. Security is often considered secondary to growing the business and the specialists needed to keep up with the complexity of cyber attacks are costly, especially within cloud computing which requires specially implemented security controls.
So as the risk of cyber attacks and data breaches grow, so does the list of reasons that CFO’s should learn more about cybersecurity. As CFO’s play a major role in the day-to-day running of an organisation it makes sense that they should cultivate a deep understanding of cybersecurity – this will allow them to pinpoint weaknesses throughout business process. This is even more important in SME’s that haven’t invested in a CISO or equivalent, especially in startups where they are integral to growing processes.
A CFO is also responsible for some of the most sensitive data within an organisation and must understand where this information is at all times. A deeper understanding of how this information is secured and how a cybercriminal may attempt to access it will also result in greater protection. This understanding will also help CFO’s to formulate a strategy that will help position the company to successfully manage the plan for cybersecurity.
Smaller businesses with limited budgets may face the reality that protecting all data equally will be out of their budget, especially with the rising costs of cybersecurity experts. This will require a prioritisation of the most important data which will involve working out which data breaches could put you out of business, as well as an assessment of what data you afford the highest protection too. Educating all staff on the risks of cybersecurity will also help to protect a business. No wall is impenetrable, which is why it’s important your staff remain proactive, not just in realising the potential for data breaches but what they should do when one is discovered.
Remember: It’s not a matter of if, it’s when
Cisco’s CEO, John Chambers, once said: “there are two types of companies: those who have been hacked and those who don’t know they’ve been hacked.” The bottom line is that cyber attacks are becoming more organized, sophisticated, and dangerous and ultimately only so much can be invested in security before you have to focus on detection. When a breach occurs the CFO will have an important role in limiting the impact as they’ll be a key player in preserving a businesses reputation. They’ll be instrumental in communicating security measures to all stakeholders as well as working through the financial implications of the breach. Ultimately, the faster the post-breach response, the less damage will be done.
Given the risks that cybersecurity threats pose in a tech-driven, global economy, today’s CFO benefits greatly from a working understanding of cybersecurity, as well as being informed on the risks and post-breach strategy.
If you’d like to discuss your finance or data talent, get in contact with the Talentedge team here.