As global cyberattacks persist, cybersecurity is becoming a main focus in the C-suite. Gone are the days where it’s just a concern for IT teams. These rapid, sophisticated attacks across industries have demonstrated that cybersecurity is the responsibility of the entire organization as they seek to avoid the crippling effects associated with data breaches.
This is especially true of finance teams and financial executives. Financial executives are tasked with the job of ensuring consistent fiscal well-being and driving economic growth within their organizations, while determining and avoiding risk factors. Additionally, 38 percent of employees in financial roles claimed CFO as the role responsible for cybersecurity at their organization. To this end, corporate finance teams have to be concerned with, and take ownership of, cybersecurity initiatives within their organizations.
These breaches can result in non-compliance fines and reputational damage that can have lasting effects on the bottom line, with 85 percent of managers at financial institutions stating damage to reputation as the most prominent consequence of a data breach. With GDPR taking effect in May 2018, the consequences of not following regulations and compliance standards will take on a new level of financial and reputational penalties, including damage to the digital trust that you have with your customers, employees, investors and other stakeholders.
Due to the various types of monetary transactions and data that go through the finance department – bank account information, money transfers, invoices and more – these teams are prime targets for cyberattacks. As financial executives get proactive about cybersecurity, here are some of the top attack methods and vectors, along with mitigation strategies to consider.
To mitigate the financial risks posed by these and other threats, financial executives should work with leaders and departments across the organization to build a secure environment, both in terms of personnel and IT infrastructure.
One way to do this is to ensure your organization is aware of common cyber threats. Being aware of your own susceptibility to cyberattacks will make your organization more equipped to handle them. Financial executives can do this by having employees participate in cybersecurity training that will make them more cautious when opening emails from unknown sources, or emails that contain suspicious content.
Additionally, executives should encourage IT to administer cyber threat assessments at regular intervals to understand where the business is vulnerable and build defenses accordingly.
With a cyber-aware culture, executives must then ensure that the organization has the proper security architecture in place to detect, isolate, and mitigate any breach in real-time across distributed environments.
By implementing a fabric-based approach to security, organizations can get real-time intelligence of data movement across their network from endpoints to the cloud. The integration of security tools ensures that each solution is up-to-date with the most current threat intelligence, and provides single-pane of glass management.
Finally, financial executives need to make sure there is a clear understanding of which data is the most critical, where that data is stored, and who has access to it. Among the most effective ways to do this is with internal segmentation and access management. Internal segmentation isolates sensitive data behind a special-purpose firewall, ensuring that in the event of a breach this data is not compromised while giving greater visibility into lateral data movement. Access management ensures that only necessary employees are able to access this data, reducing internal threats.
Cybersecurity is no longer just a job for IT teams. With sophisticated attacks that can do permanent damage to an organization’s bottom line, C-level executives, especially in finance, have to take a leading role in cybersecurity initiatives. The most effective way to do this is by building a culture of cybersecurity awareness and ensuring the correct tools are in place to detect and mitigate threats.
Original article published in Global Banking and Finance and can be found here.
Read more about how Fortinet secures financial services organizations.
For more information, download our paper and learn about the top threats that enterprise security leaders are being forced to address and the security approaches to evaluate to protect against them.