Security breaches are commonplace. While the high-profile ones will make headlines, there are millions of far smaller ones which don’t – but that doesn’t mean they haven’t happened. The problem is growing, too, as the number of records exposed in data breaches rose by 97 percent in 2015. It’s not hard to see why: hackers make money by targeting information, with whole companies set up for this purpose.
So, as a CFO, what do you need to consider when it comes to information security? Here are our top five things you need to know:
Data security is only as strong as the weakest link; as implied, CFOs need to be aware of what those links are and put in place appropriate policies and protocols to mitigate risk. That includes measures such as encryption, AV and intrusion detection, and firewalls.
For CFOs, the problem is obvious as their team works with financial and customer information systems. That drives up the necessity to take charge of data security, with defined access, a information security culture and close attention to how employees handle company data.
Be prepared for a breach
It’s generally a good idea to assume that it is a case of ‘when’ not ‘if’ a breach will happen. Take that approach and you’ve made the first step towards being prepared for a breach. Have a plan of how you will react to stop the attack, then mitigate the potential consequences. Your strategy should hinge on what information is lost or threatened; establish a policy and protocol to assess the damage, remedy it, communicate with stakeholders, and establish preventative measures. The assistance of a trusted security expert is highly recommended.
This fight never ends
It would be great to say once your security systems and processes are in place, the job’s done. But it isn’t. Security is an ever-shifting target and the attackers, with much to gain, keep looking for new ways to get into your data. That means vigilance is necessary; for busy CFOs, it is a good idea to look to an expert provider which will routinely conduct assessments and update the security posture regularly to keep your company safe.