At CFO we have explored in many stories why senior finance executives must understand the importance of computer and information security. The CFO’s role in finding technical solutions to security issues, from hardware and software, to preventing the disruption and misdirection of the services they provide, is increasingly crucial.
Finding and implementing the best cyber-security strategies based on the latest technological advances must be a priority for financial managers at all levels. The following articles provide a look at how CFOs can detect, assess, and manage cyber security.
Until recently, many CFOs have not been considered an integral part of an organization’s security team or understood how to respond to security risks and the implications for their organizations. But times have changed and many CFOs are being called upon to help promote cyber security and identify threats.
It’s time for a sea-change in managing the risks of a cyber attack on your company, according to authors and subjects of articles in CFO’s Special Report on the subject. No longer can you assume that software and firewalls will keep hackers out of your systems. Instead, you have to assume the worst will happen and carefully plot out what to do in the aftermath.
Putting an incident response plan together, keeping it up to date, and exercising it periodically is a lot of work — a major reason that it doesn’t always get done. But when something bad happens (and it will), having the plan available and the experience that only comes from practice will save a lot of time and potentially avoid embarrassment at best and litigation at worst.
In the borderless world of information technology, computer-security specialists and corporate risk managers have begun working on the assumption that it’s impossible for companies to keep their networks completely free from penetration.
In the wake of an online attack that bilked the Internal Revenue Service out of at least $39 million in fraudulent refunds, the agency has announced it is teaming up with tax-preparation firms and state officials to fight identity theft and fraud.
In the future, S&P says it could downgrade a bank before an actual attack if the credit ratings agency believed that the bank was ill-prepared to withstand such an attack. A downgrade could also come after an actual breach if S&P believed the breach caused significant reputational issues that could result in a major loss of customers or if the monetary or legal losses significantly reduced capital.
Hackers in Russia, China, and Europe used malware-laced emails to bank staffers to penetrate banks’ systems and steal hundreds of millions of dollars.
Building an in-house security operations center, or SOC as it’s more commonly known, can be a resource-intensive process. But managed correctly, it can safeguard your business-critical data and your bottom line.
Many regulators consider the growing tide of cyber incidents to be more of an abdication of corporate responsibility than a threat to national security. Organizations need to incorporate best practices of working with various information sharing and analysis organizations into their internal cyber security processes. What can you do?
The cybersecurity industry is booming. A report by Bank of America Merrill Lynch reckons the market is $75 billion a year and will be $170 billion by 2020. Not only is demand soaring, but barriers to entry are low.