Q
Manage Learn to apply best practices and optimize your operations.

What do CFOs need to know about customer data security?

With cyberattacks a growing concern for many companies, the CFO must take a leadership role in securing organizational and customer data. Here's how to start.

Customer data security is a hot issue today, for companies as a whole and for their CFOs. Indeed, information security...

and cybercrime has consistently ranked as a key concern for CFOs in recent years. Despite these concerns, however, the ability to lock down and protect sensitive data is constantly being compromised. In the last year alone, a number of authoritative reports outline the formidable challenges faced in ensuring data security. These include:

  • Verizon's 2015 Data Breach Investigations Report
  • The 2015 US Association of Corporate Counsel's State of Cybersecurity
  • KPMG's Cyber security: A failure of imagination by CEOs
  • Ponemon's Cost of Data Breach 2015
  • The Defender's Dilemma 2015, by the RAND Corporation

The last report, in particular, paints a bleak picture: The reality is that the bad guys appear to be winning at cybercrime.

As a CFO, part of your job is to change that reality. To that end, here are a few pointers to creating a proactive and comprehensive approach to customer data security.

  • Cyber-risk awareness and mitigation should be a core element of your organization's business strategy. It should be ingrained within your organization's DNA. The assumption that information security can or should be left to your IT department alone to attend to has to be rigorously scrutinized and tested.
  • Don't leave data security to external vendors. What protections does your organization have in place in the event that your IT, or cloud, provider has a data breach of your company's or your customers' data?
  • Can you transfer the risk? Cyber-risk insurance, or cyberinsurance, is now big business, with some estimates suggesting that the global expenditure on cyberinsurance premiums is in excess of $2.5 billion. Be aware that the cyberinsurance industry has not matured as compared with other insurance products that have been around for a long time. A fundamental challenge facing cyberinsurance policyholders remains defining what exactly is being insured, not to mention the opacity over the precise definition of contributory negligence.
  • People can be the weakest link in your information security chain. Organizations with a disenfranchised, disgruntled and disengaged workforce are at greatest risk -- case in point: Edward Snowden. Ensuring an engaged workforce is the responsibility of all executives.

As a CFO, ensuring customer data security is a key component of your job. You are well placed to ensure that a unified, well-architected cyber-risk framework is implemented organization-wide, backed by a high degree of staff and management engagement. Only then can the risks be optimally identified and treated. Are you up for the challenge?

Next Steps

Software maker finds success with cloud-based ERP

Taking a look at financial close management software

What it takes to better automate financial reporting

This was last published in February 2016

Dig Deeper on ERP accounting software

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What steps has your company taken to ensure customer data security?
Cancel

-ADS BY GOOGLE

SearchOracle

SearchCRM

SearchSAP

SearchBusinessAnalytics

SearchSQLServer

SearchContentManagement

SearchHRSoftware

Close