Security at the heart of the company’s financial transformation

The digitalization of companies impacts the finance function. Altran, Airbus, ICANN, M6, EDENRED are among the companies that suffered a cyber attack in 2019. 100% of CAC companies are affected but they are not the only ones. Among the departments with the most sensitive data are the financial departments. That’s why security must be at the heart of the company’s financial transformation. The automation of processes and data processing must not lead to a decrease in vigilance. A possible cyber attack could indeed have disastrous consequences. It is therefore necessary to prioritize the levels of sensitivity of the information held and to evaluate the means to be used to respond effectively to cyber threats.

Strategy FINANCE

The Finance blog
Discover our expertise

The finance department at the heart of the processing of sensitive information

CFOs receive, store and exchange highly sensitive data. This makes them a prime target for malicious people. The departments in charge of customer care and billing are particularly sensitive.

The attack techniques of cybercriminals are becoming more and more sophisticated and are constantly evolving with the new possibilities offered by technology. They can, for example, gain access to customer data by intercepting an e-mail or issue false invoices.

The purchasing department is also likely to be affected since it holds essential information such as contracts with the company’s suppliers. But the impact of a cyberattack can also extend far beyond the financial dimension. Thus, some fraudulently acquired customer data may be resold to a competitor.

In a context of increased competition, any damage to a company’s reputation through the questioning of a distributed product or a questionable financial transaction is likely to put the company in a difficult situation. It is therefore important that the CFO be involved in defining compliance and risk management policies.

Learn more about our ERP expertise

Assessing risks vs. benefits

While the digital age opens up tremendous opportunities for finance management, it also presents opportunities for cybercrime. This is why all digital transformation projects must be subject to a prior benefit-risk study.

An inventory of internal procedures will also be carried out. The first step is to establish a risk map:

  • what data is likely to be of interest to cybercriminals?
  • where are they located?

Once this inventory has been carried out, it remains to assess the degree of vulnerability of each of these sensitive data, in order to put in place the necessary tools with regard to the different types of probable attacks.

The company’s human capital also has an important role to play in the prevention of cyber-attack risks. The training of the employees concerned is, in fact, an essential means of reducing the risks. If necessary, procedures and work habits will have to be modified.

The cyber risk must be perfectly integrated by the various actors. Simple reflexes will sometimes suffice, such as not opening a link or an attachment sent by an unknown sender. For the most sensitive data, only those who really need it will be granted administrator rights. In order to respond to complex situations, it will sometimes be necessary to call upon an external firm to map the risks precisely, or to carry out intrusion tests.

In any case, spending on cybersecurity must be commensurate with the risks. Finally, company executives may wish to consider purchasing fraud insurance.

Want to know more? Contact our experts

Cybersecurity is not enough

Despite all the preventive measures taken, cybercriminals sometimes succeed. The planned crisis management procedures must then be implemented.

The company’s cyber resilience capabilities largely determine the effectiveness of the response to the crisis situation. The operational nature of the systems for identifying and detecting technological weaknesses plays an essential role here.

Secondly, the immediate mobilization of the actors and departments affected, in accordance with the rules set out in the action plan drawn up for the given event, will be aimed at minimizing the financial and image damage, as far as possible.

Today, the CFO occupies a strategic position in the company’s organization. He is a key player in business development and is able to identify risks and prescribe the necessary measures to protect the company’s interests. There is no doubt about the need for its association with the cybersecurity system.

Role of the CSO (Chief Security Officer) in the financial transformation of the company

The CSO, more precisely called CISO (Chief Information Security Officer) when it comes to the company’s information systems, is a key person for the financial management.

As a true partner of the finance department, it must be able to understand the challenges of the finance business, what is critical in terms of processes and information, and what the weight of compliance is.

His responsibilities, in order to support the finance department, include:

  • information systems mapping,
  • audit capability,
  • support for new projects,
  • the development of a rapid response capability.

P.S.

SQORUS supports its key account customers in the digitalization of their finance functions. With a functional and technical expertise of the main solutions of the market dedicated to the finance business, we implement and accompany our customers in all phases of their projects. Thanks to consultants certified on solutions such as Oracle, Netsuite, PeopleSoft, Kyriba or Axway, SQORUS is the preferred integrator of financial solutions on the market.

DOWNLOAD OUR LATEST WHITE PAPER

HOW SHOULD FINANCE BUSINESSES TRANSFORM THEMSELVES TO GENERATE ADDED VALUE AND DETECT GROWTH OPPORTUNITIES?

DOWNLOAD

Also read on the topic of digital transformation of finance functions:

Share This