Skip to main content

CyberSecurity

Cybersecurity threats continue to escalate.


The growing number, frequency and impact of cyber attacks have propelled cybersecurity to the top of the CFO and board agendas.
Today’s cybercriminals are well-funded, organized structures with the patience to infiltrate a company’s systems over time to obtain the information they desire.
The infiltrators have gone beyond focusing on credit card details. They have long-term strategies, which often mean they are targeting to manipulate a company’s share price, alter a company’s financial data or undertake or interfere with large-scale financial transactions.
CFOs fully understand that cyber threats are real. They have seen the financial and reputational damage victims have faced. And as the world becomes increasingly digital, the number and severity of these threats will only intensify.
Cybersecurity is fundamentally about protecting an organization’s shareholder value. CFOs must play a much greater role.

The first step toward protecting an organization is to realize that attacks are inevitable, It is  discovered that most organizations had only a moderate level of cybersecurity maturity. Instead of anticipating threats and preparing for them, organizations continue to react only when an attack has been detected.
Cybersecurity should no longer be viewed as an IT-only issue. While the CIO continues to play a crucial role, in the more mature cybersecurity functions, the CFO and board lead discussions on cyber security as a major exposure in the organization’s overall risk management framework. (Read how the CFO and CIO can partner to address cybersecurity.)

The need for a proactive, board-level approach

As businesses become more digital, new avenues of access for cyber criminals to organizations’ assets are being created. Operational technology, for example, represents a major risk that is too often overlooked at the board level.
Operational technology is not traditional IT software and hardware. It is the systems that underpin operations in many companies, such as those that deliver electricity, move oil and gas or operate assembly lines in some industries.
These systems often aren’t managed by IT. However, as more devices become connected, the “Internet of Things” has become a major source of risk. The CFO needs to weave operational technology, and other emerging avenues of entry, into the company’s risk management processes

A better approach is to grasp the gravity of the situation – and the speed at which it happens – and work with the board and IT function to define a mature cybersecurity function that protects the company’s key assets and can evolve with time. The CFO should then invest to fill the gap between where the company is now and where it should be. Moving forward, the focus should shift from detection to prevention.
Creating a mature cybersecurity function starts with a detailed understanding of the organization’s key assets. The CFO needs to be part of the team that decides what those primary assets – or crown jewels – are, recognizing that they will change over time.
Several questions will help organizations identify their primary assets:
  • What assets would hurt the organization’s day-to-day operations if lost?
  • What assets would result in a loss of consumer confidence if breached?
  • What assets would cause grave reputational harm and dilute shareholder value, if compromised?To help create an effective road map to a mature cybersecurity function, CFOs can ask several key questions right now:
  • What is our overall risk tolerance?
  • What is my organization’s current exposure to cyber risk?
  • How does our preparedness compare to our competitors?
  • Is our cyber risk exposure consistent with our risk tolerance?
  • Are there adequate processes in place to prevent, detect, contain and respond to a cyber attack?
  • Do we have a plan for how we will respond to a cyber attack?
  • Have we tested the plan thoroughly so there is no time delay when the breach occurs?
In today’s 24/7 media cycle, global organizations need a thoroughly tested cyber-attack plan that prepares the company to respond no matter where or when the breach occurs. Communication to the media and investors is absolutely critical in the wake of a breach, because it may sway the media and the market’s response, which can impact share price.
Having a well-planned response as part of the cybersecurity strategy helps give peace of mind to investors and the board of directors and helps the company better control the outcome.
CFOs need to collaborate with their CIO, the board and cybersecurity experts to be prepared for the first signs of a breach. The plan should include:
  • Regulatory relations
  • Media relations
  • Investor relations
  • IT
  • Risk
Banking and capital markets: prime targets
All sectors are at risk from cyber attacks. Banking and capital markets, for example, are exposed for two reasons:
1.      Their most precious assets are mostly electronic.
2.      They are information organizations with huge volumes of transactions and communications that are vulnerable to infiltration.

Banking is a highly regulated industry. The requirements relating to how companies protect the data in their possession is forever tightening in the name of security. That means that in addition to the inherent financial and reputational risks, there are criminal risks for noncompliance.

The good news is that financial services CFOs are ahead of their peers in other industries when it comes to managing who has access to sensitive data. But the volume of transactions and global reach of today’s consumers and suppliers also makes it easy for cybercriminals to hide the evidence of their attacks. To create and continually update a cybersecurity system that is more sophisticated than the ones the hackers are using, management needs to fully understand the bank’s workflow through the back, middle and front offices.


While banking and capital markets will always be vulnerable to attacks, acquisitions can render them particularly vulnerable. The only way companies in these industries can identify threats before the damage exposed during an acquisition is too great is by applying data analytics that detect anomalies in the way employees, suppliers and customers behave.

Comments

Popular posts from this blog

Python and Parquet Performance

In Pandas, PyArrow, fastparquet, AWS Data Wrangler, PySpark and Dask. This post outlines how to use all common Python libraries to read and write Parquet format while taking advantage of  columnar storage ,  columnar compression  and  data partitioning . Used together, these three optimizations can dramatically accelerate I/O for your Python applications compared to CSV, JSON, HDF or other row-based formats. Parquet makes applications possible that are simply impossible using a text format like JSON or CSV. Introduction I have recently gotten more familiar with how to work with  Parquet  datasets across the six major tools used to read and write from Parquet in the Python ecosystem:  Pandas ,  PyArrow ,  fastparquet ,  AWS Data Wrangler ,  PySpark  and  Dask . My work of late in algorithmic trading involves switching between these tools a lot and as I said I often mix up the APIs. I use Pandas and PyArrow for in-RAM comput...

Kubernetes Configuration Provider to load data from Secrets and Config Maps

Using Kubernetes Configuration Provider to load data from Secrets and Config Maps When running Apache Kafka on Kubernetes, you will sooner or later probably need to use Config Maps or Secrets. Either to store something in them, or load them into your Kafka configuration. That is true regardless of whether you use Strimzi to manage your Apache Kafka cluster or something else. Kubernetes has its own way of using Secrets and Config Maps from Pods. But they might not be always sufficient. That is why in Strimzi, we created Kubernetes Configuration Provider for Apache Kafka which we will introduce in this blog post. Usually, when you need to use data from a Config Map or Secret in your Pod, you will either mount it as volume or map it to an environment variable. Both methods are configured in the spec section or the Pod resource or in the spec.template.spec section when using higher level resources such as Deployments or StatefulSets. When mounted as a volume, the contents of the Secr...

Andriod Bug

A bug that steals cash by racking up charges from sending premium rate text messages has been found in Google Play.  Security researchers have identified 32 apps on Google Play that harbour the bug called BadNews. A security firm Lookout, which uncovered BadNews, said that the malicious program lays dormant on handsets for weeks to escape detection.  The malware targeted Android owners in Russia, Ukraine, Belarus and other countries in eastern Europe. 32 apps were available through four separate developer accounts on Google Play. Google has now suspended those accounts and it has pulled all the affected apps from Google Play, it added. Half of the 32 apps seeded with BadNews are Russian and the version of AlphaSMS it installed is tuned to use premium rate numbers in Russia, Ukraine, Belarus, Armenia and Kazakhstan.