Chief financial officers (CFOs) need to approach cyber risks threatening their organisations with greater care, says Steve O'Neill, CFO EMEA Strategic Operations at IT storage hardware solutions provider EMC, in an article for CFO World.
O'Neill points to a survey by PwC conducted at the end of 2013, which revealed that just 12% of the CFOs surveyed at UK and global companies engage in a formal process for evaluating technology-related risks to their company. Yet businesses today face growing cyber security challenges, O'Neill notes.
As CFOs are entrusted with risk management responsibilities, they need to mover cyber threats up their agenda. Many large organisations are targeted thousands of times a day, so CFOs cannot afford to ignore this problem.
Cyber considerations need to be woven into business decision making, O'Neill points out, as business decisions today often concern information systems.
According to the PwC survey, 53% of CFOs do not have the data they need to manage cyber risks well. Communicating with other CFOs across Europe, O'Neill has found that either they are not engaging enough with their CIO to better understand the security context or the CIO fails to deliver key information to the CFO in a brief form. Yet, in O'Neill's view, in order to effectively address cyber security issues, CFOs need to communicate and collaborate with CIOs and take cyber security discussions to board level.
Cyber attacks are growing in number, increasing in strength and becoming more innovative. In order to prevent all the negative impacts they can have on a business, CFOs can no longer concentrate solely on book-keeping and financial risk management. Broadening their focus to include cyber risks is crucial, O'Neill concludes.