CFOs need to take a broader view on risks
Staff either open attachments or click on links in emails that download malicious code, or they are lured into providing passwords and login details.
Rogue software, such as computer viruses, is loaded onto an enterprise system as a result of a phishing attack or by staff accessing compromised websites.
3. Data theft
Unauthorised system access by hackers leads to data breach and theft. Disgruntled personnel may use thumb drives to download files without authority.
4. Shadow IT
Business units buy cloud-based computing services without the oversight of the IT team, and so risk creating system vulnerabilities when they link these systems to core enterprise applications.
5. Distributed Denial of Service
A coordinated attack using botnets (hijacked computers) to access an online service; the flood of bots blocks access to the service for legitimate users.
Malware is used to encrypt company data and a ransom is then demanded to access the encryption key. Ransomware is now in decline as many companies have learned to protect themselves with rigorous and regular back-ups.
7. Zero-day exploits
Hackers may seek to exploit software flaws, using them as a way into a company’s systems. Regular software patching reduces the risk.
Hackers gain access to poorly protected computing resources and hijack them to mine cryptocurrencies such as Bitcoin. This dramatically slows computing speeds for bona fide processing.
If you have a major cybersecurity event that impacts the organisation’s records, whether there is a financial penalty or not, there is an impact on the trust of the organisation and on reputation which will ultimately impact the finances.
Always keep up to date, maintain dialogues with your IT providers, be proactive and take charge.
Article originally published by Acuity.partica.online. (2019). [online] Available at: https://acuity.partica.online/acuity/august-september-2019/insight/the-era-of-the-cyber-resilient-cfo