Sections

What Is The CFO’s Role In Preventing A Cyber Attack?

Thack Brown

Cybersecurity is a top concern for companies across industries in today’s increasingly data-driven, digital world. From political headlines to email phishing attacks directed at our inboxes, or across a growing number of smart devices, we face a growing challenge in ensuring that data can be protected within our organizations.

Cybersecurity concerns are top-of-mind for all departments across the enterprise, but finance remains one of the most vulnerable areas for malicious attacks. A recent report from Deloitte noted that U.S. financial services companies lost on average $23.6 million from cybersecurity breaches in 2013 – the highest average loss across all industries.

Today, information equates to power, and customer information is not the only data that is at risk. A company’s internal assets, including financial and strategic plans, can also be targets. An attack on this data (either for leakage, manipulation, ransom, or other malicious intent) could endanger a CFO’s relationships and trust with a number of important parties. It could also lead to business disruptions and loss of market share, not to mention potentially hefty fines.

In this environment, how can CFOs and their organizations more broadly implement an effective cybersecurity strategy?

Provide continuous security education. Education should be a key priority for the CFO to make sure that the risk of cyber attacks is understood and potential impacts are addressed, especially when it comes to protecting critical financial planning documents. Beyond IT it is essential that every employee, from line managers to the C-suite, receive training on cybersecurity trends and threats, whether it’s setting up a company-wide training or nominating a cybersecurity subject matter expert whose role is to set overall standards and advise the board. Given the high stakes, understanding a company’s risk is a critical component in fending off a potential breach.

Understand your data and map assets. As the number of breaches continues to grow at a rapid pace, many companies have decided to strictly protect all of their data. Not only does this come with a hefty price tag, but since resources are often limited, it could also mean overlooking some valuable assets. Not all information is critical or confidential. To best prioritize data protection needs, CFOs should work with their finance teams to evaluate which data is critical and rank it appropriately. Once data is evaluated and ranked, it is also important to know where the data lives and how it can be accessed. This might seem like common sense, but a recent EY study found that only 40% of companies hold an accurate inventory of their data ecosystem. In order to truly protect information, CFOs and finance teams need to understand how sensitive information is being accessed in order to get a full picture of potential vulnerabilities.

Evaluate existing risk and resolve vulnerabilities. The CFO is responsible for managing the risk created by or impacting their finance operations, and cybersecurity is no different than any other risk assessment that a CFO needs to perform in order to keep the finance department running smoothly. Applying a root cause approach is very relevant in this case, as it will help find the weakest link, but it is important to not stop at IT impacts. To understand the real exposure of each vulnerability, roll up the risk chain and assess the business, strategic, and also operational impacts resulting from a data breach.

Stay a step ahead. When it comes to cybersecurity, the best defense is a good offense: CFOs should routinely run test scenarios to make sure that protective measures are working and weaknesses in the structure are rectified. While it may not be the best idea to encourage finance teams to attempt to hack their own data, partnering with your IT department and letting the experts run some tests can be a positive exercise. By being proactive, CFOs can deter future breaches before they happen, as well as protect their own personal liability in the event of a breach.

While a company cannot always prevent a breach from occurring, the organization – and finance executives in particular – can take steps to ensure that their organization is best prepared to mitigate an attack and control the impact to the finance function. By educating the workforce from the ground up, taking the time to understand the data at risk, resolving any known vulnerabilities and being proactive, companies can be effective in fending off a potential cyber attack.

This article originally appearing The Huffington Post and is republished by permission.

Follow SAP Finance online: @SAPFinance (Twitter)  | LinkedIn | FacebookYouTube

Comments

Thack Brown

About Thack Brown

Thack Brown is General Manager and Global Head for SAP’s Line of Business Finance. In this capacity, he is responsible for the full suite of SAP solutions for the Office of the CFO. SAP has the market’s most robust portfolio of solutions for finance professionals, covering all the major financial process, including: Financial Planning and Analysis, Managerial and Statutory Accounting, Treasury, Risk and Compliance and core finance operations such as Shared Services, Real Estate, Travel and Expense Reimbursement, Accounts Payable and Accounts Receivable, etc.

The CFO Role In 2020

Estelle Lagorce

African American businessman looking out office window --- Image by © Mark Edward Atkinson/Blend Images/CorbisThe role of the CFO is undergoing a serious transformation, and CFOs can expect their role to continue to evolve, according to a recent CFO.com article by Deloitte COO and CFO Frank Friedman.

In the futurist article, Friedman says one of the biggest factors that will contribute to the CFO’s significant change over the next five years is technology.

Digital technology is obviously expected to drive change in high-tech companies, but Friedman says it’s industries outside of the tech sectors that are of particular interest, as they struggle to understand how to grasp and harness the digital capabilities available to them.

Working with high tech in low-tech industries

Five years from now, a finance team may be defined by how well it uses technology and innovative business tools, regardless of what industry it’s in. The article outlines some examples of ways that digital technology will increasingly be used by CFOs in “non-tech” sectors:

  • Predictive analytics: CFOs in manufacturing companies can forecast results and produce revenue predictions based on customer-experience profiles and current demand, instead of comparing to previous years as most companies still do today.
  • Social media and crowdsourcing: You may not think CFOs spend a lot of time on social media or crowdsourcing sites, but these methods can actually expedite finance processes, such as month-end responsibilities of the finance organization.
  • Big Data: CFOs already have a lot of data at their fingertips, but in 2020 they will have even more. CFOs in both tech and non-tech sectors who understand how to use that data to make valuable, informed decisions, can strategically guide their company and industry in a more digitally oriented world.

To do this, Friedman says CFOs can lead the way by addressing some critical areas:

  1. Know the issues: Gather the key questions that leaders expect Big Data analytics to answer.
  1. Make data easily accessible: Collect data that is manageable and easy to access.
  1. Broaden skills: The finance team needs people with the skills to understand and strategically interpret the data available to them.

The tech-savvy CFO

The role of today’s CFO has already expanded to include strategic corporate growth advice as well as managing the bottom line. In 2020, Friedman says expectations placed on the CFO are presumed to be even greater, and CFOs will likely need a much more diverse, multidisciplinary skill set to meet those demands.

The article details several traits and skills that CFOs will need in order to keep up with the pace of digital change in their role.

  1. Digital knowledge: CFOs must be tech-savvy in order to capitalize on technical innovations that will benefit their company and their industry as a whole.
  1. Data-driven execution: CFOs will need the ability to execute company strategy and operations decisions based on data-driven insights.
  1. Regulatory compliance: Regulations continue to be more stringent globally, so CFOs will need to be proficient at working closely with regulators and compliance systems.
  1. Risk management: With the growing global economy comes increased cyber and geopolitical risks worldwide. The CFOs of 2020, especially those in large multinational organizations, will need to have the expertise to monitor and manage risk in areas that may be unforeseen today.

The future CFO’s well-rounded resume

By 2020, the CFO role will require much more than just an accounting background. According to Deloitte’s Frank Friedman, “CFOs may need to bring a much more multidisciplinary skill set to the job as well as broader career experiences, from working overseas to holding positions in sales and marketing, and even running a business unit.”

So if you’re a current or aspiring CFO, you have five years to round out your resume with the necessary skills to be ready for the digitally driven role of the CFO in 2020.

The above information is based on the CFO.com article What Will the CFO Role Look Like In 2020?” by Deloitte COO & CFO, Frank Friedman – Copyright © 2015 CFO.com.

Want to learn more about best practices for transforming your finance organization? View the SAP/Deloitte Webinar, “Reshaping the Finance Function”.

For an in-depth look at digital technology’s role in business transformation, download the SAP eBook, The Digital Economy: Reinventing the Business World.

To learn more about the business and technology factors driving digital disruption, download the SAP eBook, Digital Disruption: How Digital Technology is Transforming Our World.

To read more CFO insights from a tech industry perspective, read the Wall Street Journal article with SAP CFO Luka Mucic: Driving Insight with In-memory Technology.

Discover 7 Questions CFOs Should Ask Themselves About Cyber Security.

Comments

Estelle Lagorce

About Estelle Lagorce

Estelle Lagorce is the Director, Global Partner Marketing, at SAP. She leads the global planning, successful implementation and business impact of integrated marketing programs with top global Strategic Partner across priority regions and countries (demand generation, thought leadership).

Get Your Payables House In Order

Chris Rauen

First of 8 blogs in the series

Too many organizations ignore the business potential from streamlining accounts payable operations. In a digital economy, however, this may represent one of the best opportunities to improve financial performance and boost the bottom line.

In its recent report, ePayables 2015: Higher Ground, the research and advisory firm Ardent Partners made a strong case for accounts payable transformation. “In 2015, more AP groups are accelerating their plans to transform their operations and scale to new heights,” states the report.

The digital makeover

From a payables perspective, how you go about fixing outdated procure-to-pay (P2P) practices is much like the decision to improve an aging home. Do you tear your house down and build a new one, or leverage as much of the existing structure as you can and begin a major home improvement project?

There is, of course, a third option. Take no action and make calls to plumbers, electricians, roofers, and other specialists as needed before the house falls apart altogether. While few organizations would consider a “triage” strategy the best option to address deficiencies in P2P operations, many still do. (Just don’t share that with your CFO.)

This blog post is the first in a series that will examine options for upgrading procure-to-pay processes from outclassed to best-in-class. Continuing to focus time and effort on managing transactions just doesn’t make sense. With today’s business networks, organizations have new ways to collaborate with suppliers and other partners to buy, sell, and manage cash.

Automation handles low-value activities, eliminating data entry, exception management, and payment status phone calls. That leaves more time for benchmarking operations, monitoring supplier performance, expanding early payment discounts, and improving management of working capital – the kinds of things that can dramatically improve business performance.

Where do you start?

To begin, you have to recognize that getting your payables house in order is much more than a process efficiency initiative. While cost savings from e-invoicing can be 60% to 80% lower than paper invoicing, there’s much more to the business case.

Improving contract compliance and expanding early payment discounts are other components of a business case for P2P transformation. According to various procure-to-pay research studies and Ariba customer results, the cost savings from getting your payables house in order are conservatively estimated to be $10 million per billion collars of spend. We’ll break down these ROI components in greater detail in future posts on this topic.

The value of alignment

Another important first step, validated by the Ardent Partners report, is getting procurement and finance-accounts payables in alignment. As this is a holistic process, you’ll need to make sure that both organizations are in sync, and you have support from upper management to make it happen.

Now, back to the question: Do you approach a payables makeover to support P2P transformation as a tear-down or a fixer-upper? If your procurement-accounts payable teams are out of alignment, your P2P processes are predominantly paper, and decentralized buying leaves little control over spend, you’re looking at a tear-down to lay the foundation for best practices payables. We’ll share a blueprint with you in the next post in this series.

Chris Rauen is a solution marketer for Ariba, an SAP company. He regularly contributes to topics including e-invoicing and dynamic discounting as well as the value of collaborating in a digital economy. 

Learn more about how to take your payables to the next level of performance in Ardent Partners’ research report “ ePayables 2015: Higher Ground.”

Comments

Chris Rauen

About Chris Rauen

Chris Rauen is a solution marketer for SAP Ariba. He regularly contributes to topics including e-invoicing and dynamic discounting as well as the value of collaborating in a digital economy.

The Future of Cybersecurity: Trust as Competitive Advantage

Justin Somaini and Dan Wellers

 

The cost of data breaches will reach US$2.1 trillion globally by 2019—nearly four times the cost in 2015.

Cyberattacks could cost up to $90 trillion in net global economic benefits by 2030 if cybersecurity doesn’t keep pace with growing threat levels.

Cyber insurance premiums could increase tenfold to $20 billion annually by 2025.

Cyberattacks are one of the top 10 global risks of highest concern for the next decade.


Companies are collaborating with a wider network of partners, embracing distributed systems, and meeting new demands for 24/7 operations.

But the bad guys are sharing intelligence, harnessing emerging technologies, and working round the clock as well—and companies are giving them plenty of weaknesses to exploit.

  • 33% of companies today are prepared to prevent a worst-case attack.
  • 25% treat cyber risk as a significant corporate risk.
  • 80% fail to assess their customers and suppliers for cyber risk.

The ROI of Zero Trust

Perimeter security will not be enough. As interconnectivity increases so will the adoption of zero-trust networks, which place controls around data assets and increases visibility into how they are used across the digital ecosystem.


A Layered Approach

Companies that embrace trust as a competitive advantage will build robust security on three core tenets:

  • Prevention: Evolving defensive strategies from security policies and educational approaches to access controls
  • Detection: Deploying effective systems for the timely detection and notification of intrusions
  • Reaction: Implementing incident response plans similar to those for other disaster recovery scenarios

They’ll build security into their digital ecosystems at three levels:

  1. Secure products. Security in all applications to protect data and transactions
  2. Secure operations. Hardened systems, patch management, security monitoring, end-to-end incident handling, and a comprehensive cloud-operations security framework
  3. Secure companies. A security-aware workforce, end-to-end physical security, and a thorough business continuity framework

Against Digital Armageddon

Experts warn that the worst-case scenario is a state of perpetual cybercrime and cyber warfare, vulnerable critical infrastructure, and trillions of dollars in losses. A collaborative approach will be critical to combatting this persistent global threat with implications not just for corporate and personal data but also strategy, supply chains, products, and physical operations.


Download the executive brief The Future of Cybersecurity: Trust as Competitive Advantage.


Comments

Tags:

To Get Past Blockchain Hype, We Must Think Differently

Susan Galer

Blockchain hype is reaching fever pitch, making it the perfect time to separate market noise from valid signals. As part of my ongoing conversations about blockchain, I reached out to several experts to find out where companies should consider going from here. Raimund Gross, Solution Architect and Futurist at SAP, acknowledged the challenges of understanding and applying such a complex leading-edge technology as blockchain.

“The people who really get it today are those able to put the hype in perspective with what’s realistically doable in the near future, and what’s unlikely to become a reality any time soon, if ever,” Gross said. “You need to commit the resources and find the right partners to lay the groundwork for success.”

Gross told me one of the biggest problems with blockchain – besides the unproven technology itself – was the mindset shift it demands. “Many people aren’t thinking about decentralized architectures with peer-to-peer networks and mash-ups, which is what blockchain is all about. People struggle because often discussions end up with a centralized approach based on past constructs. It will take training and experience to think decentrally.”

Here are several more perspectives on blockchain beyond the screaming headlines.

How blockchain disrupts insurance, banking

Blockchain has the potential to dramatically disrupt industries because the distributed ledger embeds automatic trust across processes. This changes the role of longstanding intermediaries like insurance companies and banks, essentially restructuring business models for entire industries.

“With the distributed ledger, all of the trusted intelligence related to insuring the risk resides in the cloud, providing everyone with access to the same information,” said Nadine Hoffmann, global solution manager for Innovation at SAP Financial Services. “Payment is automatically triggered when the agreed-upon risk scenario occurs. There are limitations given regulations, but blockchain can open up new services opportunities for established insurers, fintech startups, and even consumer-to-consumer offerings.”

Banks face a similar digitalized transformation. Long built on layers of steps to mitigate risk, blockchain offers the banking industry a network of built-in trust to improve efficiencies along with the customer experience in areas such as cross-border payments, trade settlements for assets, and other contractual and payment processes. What used to take days or even months could be completed in hours.

Finance departments evolve

Another group keenly watching blockchain developments are CFOs. Just as Uber and Airbnb have disrupted transportation and hospitality, blockchain has the potential to change not only the finance department — everything from audits and customs documentation to letters of credit and trade finance – but also the entire company.

“The distributed ledger’s capabilities can automate processes in shared service centers, allowing accountants and other employees in finance to speed up record keeping including proof of payment supporting investigations,” said Georg Koester, senior developer, LoB Finance at the Innovation Center Potsdam. “This lowers costs for the company and improves the customer experience.”

Koester said that embedding blockchain capabilities in software company-wide will also have a tremendous impact on product development, lean supply chain management, and other critical areas of the company.

While financial services dominate blockchain conversations right now, Gross named utilities, healthcare, public sector, real estate, and pretty much any industry as prime candidates for blockchain disruption. “Blockchain is specific to certain business scenarios in any industry,” said Gross. “Every organization can benefit from trust and transparency that mitigates risk and optimizes processes.”

Get started today! Run Live with SAP for Banking. Blast past the hype by attending the SAP Next-Gen Boot Camp on Blockchain in Financial Services and Public Sector event being held April 26-27 in Regensdorf, Switzerland.

Follow me on Twitter, SCN Business Trends, or Facebook. Read all of my Forbes articles here.

Comments