The Weekly Ledger No. 65: Cybersecurity and Finance

January 25, 2023 Theresa Rex

Welcome to The Ledger where we sum up the latest finance and accounting news for you. This week, we've rounded up resources for taking on cybersecurity challenges in the accounting function. Read on for a refresh on what solid cybersecurity looks like, what you need to know about coming cybersecurity regulations, where cybersecurity is weakest, and how to strengthen it.

The weekly ledger strengthen cybersecurity and finance

Build a Cybersecurity Foundation - See What to Strengthen

Everything is digital now, and any CFO knows that includes threats to their organization's digital security. For a few years now, that fact has meant ramping up security measures to combat the increase of all kinds of cyberattacks — from phishing to ransomware. With so much of the working world's data living in different places online, leaders have had to implement and maintain multiple lines of defense against cybercriminals.

For the finance and accounting function, where the stakes are especially high and leaders need to protect cash and assets, it's increasingly urgent for leaders to take action and stay vigilant, starting with these "building blocks" of cybersecurity:

Cloud security – There's been a push to migrate data into the cloud in recent years in the interest of cybersecurity, and it's certainly safer than local storage. But it's also become the first target of hackers probing for weaknesses, so it's important to add layers of security to defend information on the cloud.
Perimeter security – most companies have an intranet that's managed locally. Where your organization's forward-facing networks meet these locally managed ones, there's a border (or perimeter) that can be vulnerable to cyber-attacks.
Network security – Your organization's network is where everything happens: wherever computers connect to one another, the cloud or the public internet. Leaders should take action to protect it from malice externally and internally.
Endpoint security — An endpoint is any device someone can use to interact with data. This includes laptops and phones, of course, but it also refers to barcode scanners, POS devices and anything connected to the internet (the so-called "internet-of-things"). Because humans use them so often, they're vulnerable to human error and need to be locked down.
Application security – because apps run on internet-accessed servers within browsers, they're likelier to be exposed to insecure networks that provide easy access to hackers. This makes them high-risk targets and securing them should be a high priority, too.
Security Operations Center (SOC) — An SOC is a designated function within the organization whose job it is to strengthen and be proactive about cybersecurity. They look for and respond to cyberattacks, but also spend time educating workers within the organization on security best practices.

With these in place, you can stay a step ahead bad actors to protect the privacy, data and assets for your organization and the clients it serves.

To go into even more detail about each of these foundational elements of cybersecurity, read the full article at forbes.com.

Complexity in Cybersecurity is its Biggest Weakness

Obviously, networks and their access points are complex, and every time we add something new — an app, for instance, or set of entry points — they become more so. And complex challenges require complex solutions, right? It might seem that way, given the wealth of options and next-generation solutions that finance leaders have at their fingertips.

But some cybersecurity experts argue that every time an organization adds a new tool that promises another level of security, they weaken its cybersecurity infrastructure by introducing more opportunities for it to fail. To avoid complicating matters, leaders should consider a few important questions before implementing something new.

Which assets hold the highest value?
Where are they vulnerable?
How can I mitigate that?
Are my mitigation efforts effective?

By doing this, leaders in the finance function can determine where to spend the bulk of their effort, time and money and identify instances where they can reduce complexity and eliminate redundancies. To take a deeper dive into these steps, read the full article at forbes.com.

Get Ready for New Cybersecurity Regulations - Follow These Steps to Strengthen Your Defenses

For a long time, it was up to private companies to determine the best ways to protect themselves and their clients from bad actors. As the cyberattacks these bad actors deploy increase in scale and severity, however, that's changing. New regulations are on the horizon or on the books already, mandating everything from localization requirements to incident reporting rules.

The best way to stay compliant is to be proactive, and finance leaders can stay ahead of them all by taking a few simple steps:

Review your current procedures: Take stock of what you're already working with so you know how to adjust them when the time comes.
Implement or update ransomware policies: Do you know what your organization's policy is on ransomware attacks? Some new laws could affect the legality of your response so review those laws and rewrite policies as needed.
Prepare for new requirements: New legislation might require you to maintain a software bill of materials (SBOM) that outlines exactly what software you're using, even if it's bundled with other software.
Watch the headlines: Don't be caught off guard! Someone (or a team of someones) should be tasked with watching proposed and passed legislation and their potential impacts so you have a zero-day action plan ready to go.

For more information about what's coming and what you can do to prepare, read the full article at hbr.org.

How Businesses Can Fight Cyberattacks

It's time to stop thinking about cyberattacks as random, one-off events. Hackers don't really differentiate between public and private entities. They can be opportunistic, which means they're industry-agnostic, and they're becoming ubiquitous. Everyone should be prepared, which means at minimum, organizations should:

Lock up credentials – Consider using a password manager to secure account credentials, especially if they're shared among teammates. Always use multi-factor authentication to log in.
Update, update, update – it's tempting to just hit "Update Later" on your devices, apps and browser. Resist it. While you're at it, make sure your cybersecurity protocol is up-to-date, too.
Educate employees – A lot of cyberattacks are frustratingly simple. Do your employees know how to identify phishing emails and know not to click on suspicious links?
Invest in a VPN – Especially in the remote work era, using a virtual private network and having your employees do the same keep data encrypted and protected.

A lot of cybersecurity threats are easier than you think to combat. It all starts with knowing how to strengthen your cybersecurity. See which basics you should be implementing when you head over to fastcompany.com to get the complete strategy.

As the CFO role evolves, many top-tier finance leaders are taking ownership of technology initiatives. See how Personiv can help you devote more time to implementing cybersecurity measures.

How On-Demand Payroll Can Upgrade Your Business

As the business world is changing ever faster, you have to stay ahead of the game or suddenly you’ll wake u...

Becoming a SaaS Guru

In this episode, our guest shares his experience helping SaaS companies scale quickly and set themselves up...

INSIGHTS + Info

The Weekly Ledger No. 65: Cybersecurity and Finance

Build a Cybersecurity Foundation - See What to Strengthen

Complexity in Cybersecurity is its Biggest Weakness

Get Ready for New Cybersecurity Regulations - Follow These Steps to Strengthen Your Defenses

How Businesses Can Fight Cyberattacks

Previous Article

Next Article

The Weekly Ledger No. 65: Cybersecurity and Finance

Build a Cybersecurity Foundation - See What to Strengthen

Complexity in Cybersecurity is its Biggest Weakness

Get Ready for New Cybersecurity Regulations - Follow These Steps to Strengthen Your Defenses

How Businesses Can Fight Cyberattacks

Previous Article

Next Article

More Content

Dive into the digital wave! Learn how financial institutions globally are transforming with cutting-edge technology. Discover industry-specific insights & strategies to join the FinTech revolution.

Make your job as a finance leader easier with AI in the finance function. Learn about the benefits, challenges, and considerations of implementing new technology with this quick-start guide.

The ability to identify, evaluate, and mitigate these risks is crucial for an organization to navigate the uncertainties and challenges they face. Tune in for expert tips on financial risk management.

In recent years, the landscape of financial services has experienced a profound transformation, primarily driven by the rise of Fintech. Read the blog to learn how Fintech is disrupting the industry.

Data analytics is essential to financial success. The ability to collect, analyze & interpret data can provide valuable insights that improve overall financial performance. Tune in to the discussion.

What is ChatGPT, anyway, and how will it (actually) affect accounting? Read on to find the answer.

Learn about cybersecurity in-depth with the help of Ben Chrnelich, President and CFO at Symphony. He shares his best-proven tips on how to protect Sensitive information in the remote work era.

Can you give me some advice on how to get buy-in for a big change when I know that the idea I'm proposing will cause a lot of growing pains in the short term but pay dividends in the long run?

Technology has created numerous opportunities for the finance & investment space, some of which include automation, online investing, etc. More on the topic will be shared by Fraser Armstrong-Watters.

How can CFOs and finance leaders leverage new technology and top talent to grow their teams? Tune in to the discussion and find the answer to this and more finance questions in our latest event recap.

The role of the contemporary CFO is one of the most important functions in any organization. In today's ever-changing business environment, CFOs need to possess a unique set of tech skills. See more.

As the business world is changing ever faster, you have to stay ahead of the game or suddenly you’ll wake up at the back of the pack. See how payroll on-demand helps.

In this episode, our guest shares his experience helping SaaS companies scale quickly and set themselves up for success. Learn the best tips from the SaaS Guru himself.

Why is data analytics important in the internal audit process? And why should internal auditors approach data themselves? Read on to learn all the reasons.

Scot Parnell is the Chief Financial Officer at DailyPay. He has a wealth of expertise in topics such as on-demand pay and many more, and he's got some tips to share with the CFO Weekly audience.

These days we're collecting more data than ever. But many organizations fail in achieving data transformation. So, how do you build a successful data-driven organization culture? Read on.

Discover proven strategies to onboard virtual employees seamlessly. Learn the best practices guaranteed to integrate new talent into fully virtual teams effectively.

Finance doesn’t look the same as it did 15 years ago. Value creation through technology, education and visual storytelling is a must. Is your finance team creating value? Find out.

Ready to join the virtual accounting revolution? Download your toolkit with 11 compiled resources and start streamlining your finances.

Dive deep into how data can transform your decision-making process, leading to improved performance, better resource allocation, and a more data-centric organization. Make smarter choices today!