CFOs are becoming increasingly involved in cyber security measures, along with CIOs, CSOs and CISOs, according to a report released last week by consulting firm Protiviti.
Amid a sharp uptick in data breaches, hacks, malware infections and other threats, CFOs are “taking a more active role in ensuring their organizations are protected,” said Security Boulevard, which reported on the findings.
Protiviti said the greater CFO involvement makes sense, because the finance function has a lot to lose if its organization becomes digitally compromised. The study points to a shift in CFO priorities, driven in large part by the growing emphasis on data as a major corporate resource.
Over the course of the second quarter of 2019, Protiviti surveyed 800 global CFOs and VPs of finance; 84% cited security and data privacy as a high priority.
Other top priorities included enhanced data analytics (79%), process improvement (75%), changing demands and expectations of internal customers (73%), and embracing new technologies (73%).
The study also acknowledged a growing trend of robotic process automation (RPA) adoption and outsourcing of menial tasks to robots. “CFOs ... are more determined than ever to exceed the increasing expectations of internal customers,” the report said. “They are more concerned with data security, privacy and governance [and] more focused on [RPA], [AI], blockchain, predictive analytics, cloud-based applications, and other advanced technologies.”
The study also stresses the significance of the CFO, as a multi-faceted title in an organization, as a pioneer of these changes. “As new opportunities and new threats—such as data breaches—appear, organizations are counting on their CFOs and finance teams to drive the behavioral changes needed,” it said.
CFOs narrowing in on cyber security is part of a broader trend in which finance executives become strategic leaders, Security Boulevard said.
“Finance leaders want to optimize security and data management capabilities and improve how they meet the rapidly changing expectations of a growing body of internal customers,” Chris Wright, managing director and global business performance improvement practice leader at Protiviti, said in the study. “They realize that failing to make progress in protecting and leveraging data assets, whether on-premises or in the cloud, and [not] addressing the needs of internal customers could result in a failure to meet the business’s strategic-level expectations.”
“These finance leaders are no longer siloed to financial and operational issues; rather they’re expected to deliver insights and analysis that help shape critical business decisions,” Wright said. “And a data breach—[of] financial or nonfinancial data—can have severe financial ramifications. As cyber risks increase, finance leaders must adequately budget, allocate resources, and prioritize company-wide security and data protection measures."