Cybersecurity has become an increasingly pressing issue as employees work from home, and it is no longer solely IT's responsibility: the financial impact of a security incident can be huge. FutureCFO talked to David Sajoto, Vice President of Sales for Asia Pacific and Japan, ExtraHop, for advice on how CFOs can work with IT to guard their organisations.
FutureCFO: What is the CFO’s role in an organisation when it comes to cyber risk management?
David Sajoto (DS): Cybersecurity is a top priority for every organisation and this issue is especially significant to a CFO. The World Economic Forum (WEF) expects the cost of cybercrime to businesses to reach US$8 trillion in the next five years.
Given the financial impact and nature of the attacks, alongside other factors, such as economic volatility and regulations, CFOs' roles have expanded to include understanding the importance of cybersecurity and playing an active role to ensure the organisation is mitigating cybersecurity risks.
To manage their organisation’s financial risk, a CFO needs to understand vulnerabilities, apply administrative actions, and evaluate the return on investment for security solutions to ensure that the organisation is adequately protected.
Cyber attacks have become a fixture on the list of the CFO’s most worrisome concerns, alongside macroeconomic factors, such as economic volatility and overregulation. Given the cost and the increasingly malicious nature of the attacks, CFOs are understandably focused on identifying potential cyber risks and planning appropriate corporate responses.
While the CISO or CIO owns the execution of the cyber defences, the CFO has responsibility for the purchase approval of cybersecurity solutions and should require proper justification to do so, not just financially but from an overall security perspective.
Firstly, a CFO is a stakeholder in a cybersecurity purchase. A CFO must ensure that every proposal for changes in security systems or a purchase of new tools adds value to the business, and that there is a clear ROI over anything the organisation already has in its possession.
Moreover, with finance teams being constantly targeted by fraudsters, CFOs need to protect their own data, which contains customers' and employees' Personally Identifiable Information (PII) as well as the company's financial information. They have the responsibility to ensure that their sensitive information and financial data are secured.
In these tumultuous times, C-suite officers such as COOs and CEOs are required to develop a comprehensive understanding of cybersecurity. CFOs are in a unique position to help the senior leadership team understand the risk involved in not prioritising cybersecurity. By partnering with IT and cybersecurity teams, CFOs can work to ensure that board members appreciate the benefits of having a proactive approach when it comes to cybersecurity.
The CFO stands as an enabler in ensuring that the organisation has the technical capability to fight cyber threats.
FutureCFO: How can finance and IT security work together to secure finance organisations in an organised manner?
DS: With organisations under constant threat of a cyber attack, a multi-departmental approach is crucial to develop a strong cybersecurity strategy.
Finance and IT teams must align and work together to achieve this goal. For instance, while the chief information security officer (CISO) is responsible for detecting and resolving threats before they become a breach, the CFO is responsible for reviewing expenses and IT infrastructure purchases.
The finance team needs to partner with the security team and ensure security expenditures are aligned with the company's cybersecurity strategies.
For cybersecurity initiatives to work, people, processes and technology must be aligned. As part of a company's overall cybersecurity response structure, leaders must ensure that these elements are in sync and that roles and responsibilities are anchored to the business goals.
FutureCFO: What technologies might help CFOs do their job in this area? How much upskilling would that require of the CFO and his/her team?
DS: The attack surface is enormous and there are innumerable ways through which organisations can be compromised.
However, with the right tools and systems in place, security teams are empowered to decide what to focus on and allocate resources where it matters.
Machine learning (ML) offers a host of possibilities for strengthening a company's cybersecurity posture.
With the use of ML combined with threat intelligence, security teams will have a baseline to leverage augmented analytics to recognise fraudulent behaviours, detect low-and-slow attacks, weed out noise and false alerts, and look out for post-breach behaviours and indicators of compromise.
In addition, with visibility and real-time access to data, organisations are always one or two clicks away from determining if an event should be elevated for incident-response.
By observing network behaviour in real time, network detection and response (NDR) tools provide complete visibility into east-west traffic to correlate data and provide the context needed for security and IT teams to quickly detect unusual behaviour and determine whether it poses a risk and needs to be investigated.
To get the most out of the organisation's cybersecurity strategy, it’s not just a financial decision or a technical one.
An all-hands-on-deck approach is required. Entrusting cybersecurity management to IT professionals alone increases risk and opens the company up to various potential security breaches.
Today, finance professionals are called upon to ensure that they play their part in safeguarding company data. In order to move with the times, CFOs need to inform themselves of the latest developments in cybersecurity and of how these technologies can best be utilised to address security issues and vulnerabilities.
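The answer above describes baselining east-west (internal) traffic so that low-and-slow activity and unfamiliar behaviour stand out. The following is an added example, written for this page and not ExtraHop product code or anything from the interview, of what that logic looks like in its simplest form: a baseline of which internal hosts normally talk to which internal services is learned from a quiet period, and new flow records are then scored for never-before-seen peers and for beaconing (small flows repeating at a near-constant interval). All flow records are constructed for the example, and 10.0.0.0/8 is assumed to be the internal address range.

```python
"""Behavioural baseline over east-west flow records (added example).

Not ExtraHop code and not from the interview. Flow records and the
10.0.0.0/8 internal range are assumptions constructed for illustration.
"""
from collections import defaultdict
from statistics import mean, pstdev
import ipaddress

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range

# Constructed records: (timestamp_seconds, src_ip, dst_ip, dst_port, bytes_sent)
BASELINE_FLOWS = [
    (100, "10.0.1.5", "10.0.2.10", 445, 48_000),   # workstation -> file server
    (160, "10.0.1.5", "10.0.2.10", 445, 12_500),
    (190, "10.0.1.5", "10.0.2.20", 443, 9_100),    # workstation -> intranet web
    (230, "10.0.1.6", "10.0.2.10", 445, 30_200),
    (260, "10.0.1.6", "10.0.2.50", 8443, 5_400),   # workstation -> mgmt console
    (410, "10.0.1.6", "10.0.2.50", 8443, 7_900),
    (500, "10.0.1.5", "8.8.8.8", 53, 120),         # north-south, not baselined here
]

NEW_FLOWS = [
    (1000, "10.0.1.5", "10.0.2.10", 445, 22_000),  # normal
    (1050, "10.0.1.5", "10.0.3.40", 3389, 3_100),  # first ever RDP to that server
    (1100, "10.0.1.5", "10.0.2.10", 445, 8_000),
    # known peer, but now tiny flows every 300 s: a low-and-slow pattern
    (1000, "10.0.1.6", "10.0.2.50", 8443, 210),
    (1300, "10.0.1.6", "10.0.2.50", 8443, 205),
    (1600, "10.0.1.6", "10.0.2.50", 8443, 198),
    (1900, "10.0.1.6", "10.0.2.50", 8443, 212),
    (2200, "10.0.1.6", "10.0.2.50", 8443, 201),
    (2500, "10.0.1.6", "10.0.2.50", 8443, 207),
]


def is_east_west(src, dst):
    """True when both endpoints are inside the internal range."""
    return (ipaddress.ip_address(src) in INTERNAL
            and ipaddress.ip_address(dst) in INTERNAL)


def build_baseline(flows):
    """Map each internal source to the (dst, port) pairs it normally uses."""
    peers = defaultdict(set)
    for _, src, dst, port, _ in flows:
        if is_east_west(src, dst):
            peers[src].add((dst, port))
    return peers


def detect_new_peers(baseline, flows):
    """Flag east-west flows to a (dst, port) the source never used before."""
    findings = []
    for ts, src, dst, port, _ in flows:
        if is_east_west(src, dst) and (dst, port) not in baseline.get(src, set()):
            findings.append({"type": "new_peer", "ts": ts, "src": src,
                             "dst": dst, "port": port})
    return findings


def detect_beaconing(flows, min_events=5, max_jitter=0.1, max_bytes=1_000):
    """Flag small east-west flows recurring at a near-constant interval.

    Jitter is the coefficient of variation of the inter-arrival gaps: a
    human-driven session has large jitter, a timer-driven beacon does not.
    """
    series = defaultdict(list)
    for ts, src, dst, port, nbytes in flows:
        if is_east_west(src, dst):
            series[(src, dst, port)].append((ts, nbytes))
    findings = []
    for (src, dst, port), events in series.items():
        if len(events) < min_events:
            continue
        events.sort()
        gaps = [b[0] - a[0] for a, b in zip(events, events[1:])]
        avg_gap = mean(gaps)
        if avg_gap <= 0:
            continue
        jitter = pstdev(gaps) / avg_gap
        avg_bytes = mean(n for _, n in events)
        if jitter <= max_jitter and avg_bytes <= max_bytes:
            findings.append({"type": "beacon", "src": src, "dst": dst,
                             "port": port, "interval_s": avg_gap,
                             "events": len(events)})
    return findings


def analyse(baseline_flows, new_flows):
    """Run both detectors and return the combined list of findings."""
    baseline = build_baseline(baseline_flows)
    return detect_new_peers(baseline, new_flows) + detect_beaconing(new_flows)


if __name__ == "__main__":
    for finding in analyse(BASELINE_FLOWS, NEW_FLOWS):
        print(finding)
```

On the constructed input the run reports exactly two findings: the workstation's first RDP session to 10.0.3.40, and the six small, evenly spaced flows from 10.0.1.6 to its management console. The thresholds (five events, 10% jitter, 1,000 bytes) are illustrative starting points; a real deployment would learn them per environment and would pass findings to a triage queue rather than print them.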