Survey: Finance Execs Asked To Play Bigger Role in Defending Against Cyber Threats

CFOs and other top finance execs are being asked to play a bigger role in defending their firms against growing cyber threats, according to a recent a survey. As a result, IT may expect in 2016 to get more help in fighting cybercrime from the business side. 

Tags: cybersecurity, data breech, DDoS, hacker, phishing, risk management, survey,

CFOs and other top finance execs are being asked to play a bigger role in defending their firms against growing cyber threats, according to a recent a survey.


As a result, finance teams are toughening policies on suppliers and partners – and even taking steps to increase insurance coverage, according to the research from the Chartered Global Management Accountant (CGMA).


The CGMA survey found an astounding 95% of respondents said their companies are concerned with the threat of cyberattacks – notably data breaches, distributed denial of service (DDoS) attacks and phishing scams.


Driven by these heightened concerns, some 72% said their corporate finance teams “have become more involved in cyber risk mitigation,” the survey found.  The fears are not unreasonable, as the survey also found 30% of respondents reported their business fell victim to a real cyber attack in the past two years.  This was up from 2014, when some 22% reported they had suffered a cyber attack, according to CGMA.


As part of cyber risk mitigation tactics, the CGMA survey reports nearly one-third of respondents (31%) reported they are toughening policies regarding third-party partners and vendors to address potential vulnerabilities (31%). 


And, just in case these efforts aren’t effective, some one-fourth (23%) say they are securing -- or increasing liability insurance in the event of business disruptions due to data breaches or cyber attack.  


“With today’s businesses facing a heightened risk of cyber attacks, they are in need of strong risk identification and mitigation strategies driven by collaboration between business units across the company,” said Ash Noah, a CPA and vice president of CGMA’s external relations for the AICPA  “As the finance function continues to evolve to become more business-centric, it’s critical for finance executives from the CFO down to play a driving role in preparing for and addressing potential cyber risks for the long-term growth of the company,” Noah added.  


Other notable findings from the CGMA survey include:

  • Over 20% of respondents said cyber threats are worse than what has been reported in the media
  • Fear of the threat of cyber attacks is increasing, with about 68% of respondents saying their company is moderately or significantly concerned with the threat of cyber attacks, compared to 62% in 2014


The also survey suggests that in 2016 IT security professionals should expect to get more help from the business side in when fighting cybercrime.   Financial professionals can lend valuable insight to IT’s battles against cybercrime as business models and revenue streams adapt to new opportunities presented by APIs, cloud, mobile and Internet of Things, Noah suggested.


As the cyber risk climate evolves, CGMA suggested several steps can improve effectiveness of risk oversight and mitigation programs: 

  1. Take an assessment of the efficacy of the organization’s current approach to cyber risk oversight in the light of emerging threats.
  2. Consider the extent to which critical risks may occur and not be detected by silo risk managers and implement greater cross-collaboration throughout the organization.
  3. Assess the extent to which cyber risk management is an important input to the strategic planning process and adjust risk management processes as needed.
  4. Implement a structured set of cyber risk identification, assessment and monitoring processes that requires focus and accountability at the board and senior management levels.

“The finance function has a unique view into the complexities of the business as well as an in-depth understanding of the industry, markets and risk climate, yielding important insights for a company’s strategic direction,” Noah added.


CGMA is a collaboration between the American Institute of CPAs and the Chartered Institute of Management Accountants.