The Ritz Herald
Ulistic, Toronto, ON. © Stuart R. Crawford

Should Cybersecurity Be Top Priority For CFOs


Published on June 22, 2019

In many organizations, CFOs are helping set milestones for the future and this often includes investments in new and emerging technology. Cybersecurity may not be in the landscape for CFOs, but this ongoing threat is one that simply cannot be ignored by business leaders. The ongoing cost of operations may increase significantly in order to manage the risk that hackers and employee negligence pose to the organization, and that’s a role that CFOs are comfortable examining. Even if the technology team doesn’t report directly to the financial arm of the organization, there’s a strong argument to be made that CFOs should be intimately familiar with — if not driving — cybersecurity for their business.

  • The CFO’s Role in Technology Investments

According to industry experts like Jorge Rojas, owner of Vaughan, ON IT Consulting firm, Tektonic, “the CFO is the head of technology with direct reports including a CTO or CIO. In others, the financial head of the business is in more of an accounting role and provides checks and balances for major projects.”

The role and responsibilities of a modern CFO are shifting dramatically, with these leaders demanding accountability for investments tied to the yield of value for the organization. That means technology leaders are being pushed to manage, analyze and present data in a way that allows executive leadership to quantify project results. CFOs are increasingly being asked to lead or be a primary voice for digital transformation beginning in the accounting department and trickling throughout the organization.

According to Michael Shebab, tax, technology and process leader for PwC, “CFOs increasingly struggle with figuring out how digital technologies impact the finance function and the organization as a whole”. CFOs are left scrambling to determine the financial impact both of the risk of cyber attack and the cybersecurity procedures and support that are needed to mitigate the risk of the same attacks.

  • The Financial Impact of Cyberattacks and Cybersecurity

There is a great deal of conversation in financial circles about the threat of cyber attack and the potential impact on the organization. It’s crucial that CFOs are able to balance the risk that is associated with the potential of cyberattacks with the upfront costs that are associated with cybersecurity. It’s much easier to justify the significant financial impact of securing your business when there is an agreement of priority levels at the highest levels of the organization. According to Crain’s 2019 CFO Forecast, more than 75% of CFOs will prioritize cybersecurity in the next 12-24 months — largely due to the extreme financial impact of an attack.

“It’s good news that CFOs are prioritizing increased budgets for cybersecurity because organizations are going to need them.” according to Rojas. “The demand for talent in this specialized field is high, and experts are able to command an enviable rate for their services.”

The growing challenges around data management and compliance add to the risk factors that CFOs must take into account as they’re sourcing new roles or bringing on partners, too. Cybercrime damages are expected to skyrocket to $6 trillion by 2021, a staggering figure and one that is likely to help CFOs as they’re selling their cybersecurity budget increases to other organizational leaders.

  • Managing and Mitigating Organizational Risk

While projects often have an individual risk register, CFOs maintain a similar stance for the entire organization. Depending on the business, risks could be anything from ensuring that insurance will cover the instance of a catastrophic fire or flood to protecting the security of the physical business from intrusion. Risks can be internal or external, but the role of risk management is a crucial one in the organization. Today’s CFOs are increasingly being tapped to manage and mitigate organizational risk.

Cybersecurity is one of the most prevalent risks that organizations face, so it’s not surprising that CFOs are often being tasked with organizing and executing a strategy that will reduce this serious financial risk. Unfortunately, many executives are still struggling to comprehend the sheer volume of attacks that are encroaching upon American businesses and the potential impact of these attacks. When CFOs are able to effectively communicate this information to the C-Suite, they are much more likely to gain access to the funding that is necessary to protect against these cybersecurity threats.

Whether a CFO is a leader in the digital transformation of the business or plays more of a financial role, it’s crucial that this key executive fully understands the impact of cybersecurity and data risk on their organization. Emerging technologies require an enhanced knowledge of the interconnected organization, and that’s something with which CFOs are intimately familiar.

Staff Writer