Industry news

Be that CFO who won’t stop bringing up cyber

Catherine Chipeta
3 Min

At a recent Eftsure event, cybersecurity expert Bastien Treptel gave finance leaders some no-nonsense advice: “Be that annoying person who always brings up cyber during board meetings.” It might sound like a quip, but in today’s digital landscape, it’s more of a mandate.

The modern CFO role has dramatically expanded beyond traditional financial management. A CFO Dive article highlights the need for CFOs to hone both technical skills, like cybersecurity and data analytics, and soft skills, such as communication and collaboration.

This shift underlines that cybersecurity is no longer just a tech issue; it’s a core business concern. Gartner states the modern CFO must be at the forefront, championing cybersecurity efforts and bridging the gap between financial strategy and technological innovation.

Cybersecurity: why it’s a CFO problem now

Cyber threats aren’t just a tech problem—they’re a financial catastrophe waiting to happen. IBM’s latest report puts the average cost of a breach at over $4 million. That’s why CFOs need to step up and make sure their companies are ready for these threats. A McKinsey study notes that aligning cybersecurity investments with broader financial strategies is no longer optional—it’s essential. And that alignment isn’t just about doling out the budget; it means working closely with CISOs and IT leaders to make sure every dollar invested truly counts.

Bridging the gap: where cyber and finance don’t meet

One of the biggest headaches for CFOs is the gap between cybersecurity and financial controls. All too often, finance and IT teams aren’t in sync, leaving gaps that cybercriminals love to exploit. Our recent webinar highlights when finance and IT teams work hand in hand, they present a stronger line of defence against cyber threats. “Finance leaders need to take ownership of cybersecurity strategies,” stressed Gavin Levinsohn, Chief Growth Officer at Eftsure. “The days of leaving it all to the IT team are over.”

What’s a CFO to do?

So, how can a CFO effectively take the reins on cybersecurity? PwC suggests using AI and automation tools to detect threats early. Regular and meaningful dialogue with IT leaders can ensure that cybersecurity initiatives are not just technically sound but also financially justified. In other words, don’t just approve the spend—know exactly what it’s buying and why it matters.

CFOs are expected to be more than just financial gatekeepers; they’re becoming strategic partners who leverage technology and data to drive the business forward. As highlighted by CFO Dive, upskilling in areas like data analytics, cybersecurity, and cross-departmental collaboration is essential. By leading these efforts, CFOs can better align cybersecurity investments with broader financial strategies and create a culture of proactive risk management.

Implement financial controls to detect breaches early

One key step CFOs can take is to strengthen financial controls that help detect potential cyber threats early on. By integrating cybersecurity metrics into financial reporting, organisations can quickly identify any unusual patterns or anomalies that may indicate a breach. Monitoring for unexpected changes in payment frequencies, new vendor accounts, or unexplained variances in financial statements can serve as an early warning system against cyber fraud.

A robust framework for financial controls isn’t just about safeguarding assets—it’s about ensuring your organisation can respond swiftly and effectively when threats arise. Tools like continuous auditing and anomaly detection software, combined with regular training and awareness initiatives, can empower CFOs to proactively guard against threats rather than react to them.

Build a resilient financial and cybersecurity framework
Learn how you can establish and optimise financial controls that protect against cyber risks.

Related articles

Industry news

How is AI being used in finance?

The finance industry is undergoing a major transformation thanks to the rapid adoption of AI technology. Much of this trend has been …

Read more

The new security standard for business payments

End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.