CFOs are responsible for establishing and maintaining effective risk management and mitigation strategies within an organization. The current business is faced with a slew of business risks in the world of digital innovation. Cybersecurity is a priority for any business. It ensures efficiency, but it also exposes companies to multiple risks. Cybersecurity risks can also spill over to financial troubles, which is why a CFO plays a pivotal role. The role of the CFO has evolved from a simple number cruncher into a strategic player when it comes to a company’s technology risk. How can today’s CFO adapt to the cyber world and minimize technological risks?
What is the traditional role of a CFO?
The traditional responsibilities of the CFO are still applicable to the role of the modern CFO. The CFO is responsible for managing the business’s current and future financial position. The CFO’s duties include:
- Financial reporting
- Investments
- Capital Structures
- Optimizing the financial performance of an organization
Controllership duties, such as reporting the financial status of a company, help investors, creditors, and shareholders make important decisions. The CFO assists the company in managing debts, equity, and internal financing by addressing capital structure issues. The CFO is also a key player in a company’s future. They use economic forecasting to find out how to maximize an organization’s financial success.
As the leader of the financial team, the CFO is responsible for performing their duties. These duties are still important for any CFO, but they are now considered minimum requirements for managing any department. The ability of a CFO to make strategic business decisions using financial data has changed dramatically.
What Has Traditionally Been the CFO’s Role in Mitigating Risks?
CFOs are financial experts who play an important role in managing a company’s risks. According to a Deloitte CFO Signals (TM) survey, 48% of CFOs are directly responsible for audits and regulatory compliance. In the survey, 55% of CFOs said that they are involved in enterprise risk management. 35% reported that their teams directly report to them for all risk-management matters. In general, CFOs note that they have taken on more risk-related duties over the years.
CFOs oversee the reporting process in an organization to ensure better risk management. CFOs are most likely to report directly to departments such as development/M&A, financial reporting, and management reporting.
Technology risk is increasingly becoming a financial risk.
Modern CFOs are responsible for a broader range of responsibilities, including enterprise risk management and business planning. CFOs increasingly act as strategic partners for CEOs in order to help them plan their business strategy due to the changing nature of risk. Financial risks are now a part of technological risks. A report by IBM & the Ponemon Institute estimates that the average cost for a data breach is $ 3.86 million.
Companies with a high profile have spent millions of dollars to deal with data breaches that exposed private information. Desjardins Group, for example, spent more than $53 million to handle a data breach. British Airways and Marriott each had to set aside more than $100m after failing to comply with the GDPR, which monitors data privacy and security in the EU. The CFO can’t stay out of the picture when such high costs are at stake.
Cybersecurity is an area that causes concern to all organizations. Cyberattacks have been on the increase, according to statistics. As the COVID-19 epidemic spread, more companies began to use remote workers. Ransom-as-a-service is another way attackers take advantage of businesses. According to a study conducted by Crowdstrike, the number of intrusion attempts in customer networks was higher at the start of 2020 than it was in 2019. Crowdstrike’s survey of its customer networks found that there were more intrusion attempts at the beginning of 2020 than in 2019. ‘
What are the experts doing to mitigate technology risk?
Vic Russo’s advice was given in a recent IT Pro Webinar. Risky business: CFO’s role in managing IT risk. Electric CFO Vic Russo said: “The biggest cyber threats that affect financial data will be social engineering attacks. Any attack that targets people rather than software or devices, such as malware, phishing, and eavesdropping. It is important to train your employees in security because if they don’t follow internal policies and make a mistake, your cyber insurance won’t cover you.
Dave Wardell (CFO, Chubbies) also provided insight on the security measures implemented by his organization in relation to adapting to pandemics: “The first measure of security we implemented at Chubbies was tighter control around payment approvals. I think that all CFOs could speak to this. We also moved quickly to make sure we had a much more robust management of everyone’s devices, onboarding/offboarding, etc. Lastly, to ensure that we are fully compliant with the GDPR, CCPA, and other relevant compliance frameworks and how our integrations work, we have continued to do so.
Ron Gilboa is the VP of Finance at Perimeter81, and he has the following advice for modern finance leaders. “Our approach at Perimeter81, in order to protect sensitive data on the cloud, is first to gain visibility over cloud and network usage. You can gain insight into the risks that your organization faces, how to mitigate them, and how to protect confidential information. Control & access data transfer. By enforcing more stringent policies on your cloud data, you can prevent both data loss and unauthorized access to your network. Third, you can avoid breach notification requirements. “Private encryption keys can be used to secure data in the cloud.”
Steve Gentry (CSO at Clari) offered this compliance advice: What controls have been put in place? How do you assess these vendors? As part of your compliance, have you set minimum standards for these vendors? As you establish your compliance program, you should ask yourself these questions.”
The three main options when it comes to risk are reduce, remediate, or accept. “Running a business involves accepting risk.”
What is the role of a modern CFO in tech?
CFOs are increasingly expected to facilitate digital strategy as the digital revolution, the growing dependence on technology, and the pandemic continue to influence the business world. CFOs will now be expected to manage the security risks that an organization faces. Accenture reports that 72% of CFOs are in charge of a company’s digital strategy.
Instead of viewing technology as a threat, CFOs should adopt digital solutions in order to improve their service. Currently, traditional financial functions are heavily automatized. CFOs use advanced financial models to identify economic risks and opportunities for their companies.
CFOs are also able to adopt technology that will ensure the visibility and accessibility of information across an organization. By working with tech and cybersecurity teams to advise the C-suite, CFOs can better guide the company. CFOs who have acquired digital skills can help the company adopt technology to adapt to future changes despite security breaches and cyber-attacks. It is important to encourage informed decision-making and not just focus on risk mitigation.
