BUSINESSES today face ever-evolving threats, forcing them to rethink security strategies for long-term sustainability. As a result, corporate finance teams are more actively partnering with IT to ensure an organisation’s security strategies are able to protect critical financial data. Araldo Menegon, managing director, financial services at Nasdaq-listed cybersecurity firm Fortinet, discusses with Sudhir Chowdhary the issues and trends affecting corporate finance teams today. Excerpts:
Since security is managed by IT, why do finance teams need to get involved?
More and more companies are realising the increasing exposure to cyber threats. As employees bring more devices into the workplace, data and applications communicate with the cloud, and as businesses share more information with vendors and partners, the footprint for security grows wider. Security needs to be “managed” by everyone in an organisation. A company’s financial information can be a key target for malicious attacks, so finance teams need to know how to limit their vulnerabilities.
What’s the most common security threat for businesses?
Email scams and phishing continue to be a primary cyber concern. Cyber criminals are becoming increasingly sophisticated in their attacks, with subject lines and information more targeted to your employees’ interests. In a recent study, 30% of employees opened a phishing email, and 12% then clicked on an infected document or link, allowing the malware to run its course. The malware can distribute spyware to collect information about a user or system without his or her knowledge, run malicious code to damage targeted systems or applications, or embed ransomware, which shuts off access to data or systems until one pays for its release.
How do corporate finance teams protect against these growing threats?
While you can’t entirely prevent a compromise, you can control how prepared you are to react and respond. Here are specific actions for CIOs and their teams to consider.
Evaluate the applications you deploy and where they sit: Applications that are hosted directly on the Internet are more easily compromised. Be sure your finance applications have a secure point of access, with proper security systems protecting the flow of information between applications and data.
Establish security requirements for finance vendors: Remember that you can protect your own system, but if a malicious attack targets a vendor, your data can still be breached.
Work with your IT counterparts: Take a look at all the vendors your company does business with and note what level of access they have into your environment. Build a template with key questions and considerations to assess the security of any third party, and determine the minimum requirements your vendors need before they can do business with your organisation.
Can devices be vulnerable to an attack and thereby compromise the security of an organisation?
Definitely. That is why one should regularly identify and inventory all devices used by finance. Cyber criminals have targeted devices that were thought to be decommissioned but were still connected to the network. Finance can help ensure that all assets are properly monitored so that such vulnerabilities are limited.
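The point above about decommissioned devices still sitting on the network is essentially an inventory reconciliation problem. The following is an added example, not code from the interview or from Fortinet: it assumes an asset inventory keyed by MAC address with a status field, and a list of devices observed on the network (the sample data below is constructed and stands in for DHCP leases or switch MAC tables). It reports devices that are decommissioned but still online, devices that are not in the inventory at all, and active assets that were not seen.

```python
"""Reconcile observed network devices against a finance asset inventory.

Added example (not from the interview or Fortinet). Assumes an inventory
keyed by MAC address with an "active"/"decommissioned" status; the sample
inventory and observed-device list below are constructed, hypothetical data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Asset:
    mac: str
    owner: str
    status: str  # "active" or "decommissioned"


# Constructed sample inventory (hypothetical devices and owners)
INVENTORY = {
    "aa:bb:cc:00:00:01": Asset("aa:bb:cc:00:00:01", "finance-laptop-01", "active"),
    "aa:bb:cc:00:00:02": Asset("aa:bb:cc:00:00:02", "finance-laptop-02", "active"),
    "aa:bb:cc:00:00:03": Asset("aa:bb:cc:00:00:03", "old-ap-server", "decommissioned"),
}

# Constructed observed devices, as a DHCP lease export might list them
OBSERVED = [
    {"mac": "AA:BB:CC:00:00:01", "ip": "10.20.1.11"},
    {"mac": "aa:bb:cc:00:00:03", "ip": "10.20.1.40"},  # decommissioned, still online
    {"mac": "de:ad:be:ef:00:99", "ip": "10.20.1.77"},  # never inventoried
]


def normalise_mac(mac: str) -> str:
    """Lower-case and use ':' separators so different exports compare equal."""
    return mac.strip().lower().replace("-", ":")


def reconcile(inventory, observed):
    """Return three sorted lists of MACs: decommissioned-but-online,
    unknown devices, and active assets that were not observed."""
    seen = {normalise_mac(d["mac"]) for d in observed}
    findings = {
        "decommissioned_but_online": [],
        "unknown_device": [],
        "missing_asset": [],
    }
    for mac in seen:
        asset = inventory.get(mac)
        if asset is None:
            findings["unknown_device"].append(mac)
        elif asset.status == "decommissioned":
            findings["decommissioned_but_online"].append(mac)
    for mac, asset in inventory.items():
        if asset.status == "active" and mac not in seen:
            findings["missing_asset"].append(mac)
    for items in findings.values():
        items.sort()
    return findings


if __name__ == "__main__":
    for category, macs in reconcile(INVENTORY, OBSERVED).items():
        print(f"{category}: {macs}")
```

Each finding category maps to a different follow-up: a decommissioned device that is still online should be physically disconnected or its switch port disabled; an unknown device needs an owner before it is allowed to stay; a missing active asset may simply be off, but a long absence is worth a ticket.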
What is the way forward?
Train your teams and ensure accountability. This should be a continuous process so that training and testing are updated on the latest attack methods. Be sure that any employee who regularly strays from security protocols is held accountable. Even the best training will be ineffective if employees are not responsible for repeated lapses.
Once a breach has occurred, what can a finance team do?
This is where partnership with your IT security team is key. You can minimise the impact of the breach by segmenting your network into security zones. This will allow you to create various choke points to help isolate the breach and monitor and secure traffic as it moves between security zones. Sandboxing can help manage potentially nefarious data that initially breaches the network. This software can detect previously unseen or sophisticated malware and route it to a sandbox with equally sophisticated analytics. The sandbox technology should interact with other enforcement points – such as your email security technology, NG firewalls, endpoints, as well as various others – to take action.
Finally, every finance organisation needs a documented procedure to assess damage, repair systems and machines, and restore normal operations. Regular security drills can help your team implement recovery quickly and efficiently, when it’s needed most.
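The segmentation advice above rests on two things: a map of which subnets belong to which zone, and a short allow-list of which zone-to-zone traffic is permitted at the choke points. The following is an added example, not code from the interview or from Fortinet: it assumes three hypothetical zones (finance, corp, dmz) with constructed subnets, a constructed allow-list, and a few constructed flow records standing in for firewall or NetFlow logs, and it reports every cross-zone flow that no allow rule covers.

```python
"""Flag traffic that crosses security zones without a matching allow rule.

Added example (not from the interview or Fortinet). The zone map, the
allow-list and the flow records below are all constructed sample data;
any address not in a known zone is treated as untrusted.
"""
import ipaddress

# Constructed zone map: hypothetical subnets per security zone
ZONES = {
    "finance": ipaddress.ip_network("10.20.0.0/16"),
    "corp": ipaddress.ip_network("10.10.0.0/16"),
    "dmz": ipaddress.ip_network("192.168.100.0/24"),
}

# Constructed allow-list: (source zone, destination zone, destination port)
ALLOW = {
    ("corp", "finance", 443),  # staff reach finance apps over HTTPS only
    ("finance", "dmz", 443),   # finance apps call a DMZ service over HTTPS
}


def zone_of(ip: str) -> str:
    """Map an address to its zone; anything unmapped is 'untrusted'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "untrusted"


# Constructed flow records in a simple key=value format
FLOWS = [
    "2024-01-15T09:12:01 src=10.10.5.23 dst=10.20.1.10 dport=443 proto=tcp",
    "2024-01-15T09:12:05 src=10.20.1.10 dst=10.20.1.11 dport=445 proto=tcp",
    "2024-01-15T09:13:44 src=10.20.1.40 dst=192.168.100.8 dport=22 proto=tcp",
    "2024-01-15T09:14:02 src=203.0.113.9 dst=10.20.1.10 dport=3389 proto=tcp",
]


def parse_flow(line: str) -> dict:
    """Parse one 'timestamp key=value ...' record into a dict."""
    tokens = line.split()
    fields = dict(tok.split("=", 1) for tok in tokens[1:])
    return {
        "ts": tokens[0],
        "src": fields["src"],
        "dst": fields["dst"],
        "dport": int(fields["dport"]),
    }


def audit(flows):
    """Return (ts, src_zone, dst_zone, src, dst, dport) for every flow that
    crosses a zone boundary without an allow rule. Intra-zone traffic is
    left to host controls and is not reported here."""
    violations = []
    for line in flows:
        f = parse_flow(line)
        src_zone, dst_zone = zone_of(f["src"]), zone_of(f["dst"])
        if src_zone == dst_zone:
            continue
        if (src_zone, dst_zone, f["dport"]) in ALLOW:
            continue
        violations.append(
            (f["ts"], src_zone, dst_zone, f["src"], f["dst"], f["dport"])
        )
    return violations


if __name__ == "__main__":
    for v in audit(FLOWS):
        print("cross-zone flow not in allow-list:", v)
```

On the constructed data, the corp-to-finance HTTPS flow passes, the finance-internal SMB flow is intra-zone and skipped, while the finance-to-DMZ SSH flow and the untrusted-to-finance RDP flow are both reported. The same allow-list, expressed as firewall policy at each choke point, is what actually blocks the traffic; the audit here is the monitoring half, useful for confirming the policy matches what the network is doing.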