CFOs concerned about hacking, optimism still high - survey

CFOs are growing increasingly concerned about data security threats, according to the Duke University/CFO Global Business Outlook

CFOs are growing increasingly concerned about data security threats, according to the Duke University/CFO Global Business Outlook.

The survey also found rising interest rates are expected to dampen corporate growth.

The CFO survey has been conducted for 89 consecutive quarters and spans the globe, making it the world's longest-running and most comprehensive research on senior finance executives. 

Data Security Threats

Concern about data security is at an all-time high among U.S. CFOs. Nearly one out of every five companies say that their computer systems have been breached by hackers.

“Twenty percent of CFOs know their firms have been hacked. There are probably many more who don’t even know their company’s systems have been breached,” said Cam Harvey, a founding director of the survey, who teaches a technology innovation course at Duke's Fuqua School of Business. “Ten years ago, cybersecurity was not a C-suite responsibility. Now it is. Companies are defending themselves from near-continuous denial of service attacks and critical data breaches. To fight this battle costs money, which falls right off the bottom line. The cost is not just equipment, software and consultants, it is also reputation if you are breached.”

Most U.S. companies are actively taking steps to reduce data security risks. Seventy-one percent have installed new software or introduced new procedures, 71 percent have introduced anti-penetration features like two-factor authentication or more stringent password protection, 54 percent have upgraded employee training, and nearly half have hired outside cybersecurity experts, among other measures. U.S. companies lead the world in preventive cybersecurity policies, followed in order of preventive activity by companies in Europe, Africa, Asia, and Latin America.

Rising Interest Rates

U.S. companies expect their cost of borrowing to increase over the next year. The typical firm expects their long-term borrowing rate to increase from 5.2 percent currently to 5.8 percent in one year. Increased interest rates would lead the typical firm to reduce capital spending growth from about 8.3 percent this year to about 7.1 percent next year.

“Rising interest rates dampen the incentive of companies to borrow and spend, slowing economic growth,” said John Graham, a finance professor at Fuqua and director of the survey. “We also asked CFOs about their spending plans in a high interest rate environment. In their high interest rate planning scenario, long-term borrowing costs would average 7.5 percent and capital spending growth would increase by only about 5 percent.”

Optimism Remains at Record Levels

The Optimism Index in the U.S. remained at an all-time high of 71 on a 100-point scale this quarter. Optimism fell in Africa, Asia, Europe, and Latin America. The survey’s CFO Optimism Index is an accurate predictor of future hiring and overall GDP growth.

“This increased U.S. optimism appears to have increased expectations for M&A activity,” Graham said. “More than 70 percent of CFOs expect more mergers and acquisitions to occur over the next year.”

Tight Labor Market Is Top Concern

The proportion of firms indicating they are having difficulty hiring and retaining qualified employees remains near a two-decade high, with 41 percent of CFOs calling it a top concern. The typical U.S. firm says it plans to increase employment by a median 3 percent in 2018 and expects wages to increase 4 percent on average.

“The tight labor market continues to put upward pressure on wages,” said Chris Schmidt, senior editor at CFO Research. “Wage inflation is now a top five concern of U.S. CFOs.”

Wage growth should be strongest in the tech, transportation, and service/consulting industries. U.S. companies expect the prices of their products to increase by more than 3 percent over the next year.

Capital spending is expected to grow about 7 percent, and employment 3.6 percent, over the next 12 months. One-in-five Asian firms say their systems have been penetrated by hackers. Fifty-six percent have taken steps like two-factor authentication to make it more difficult for hackers, and 48 percent have installed new software. Overall preventive cybersecurity is lower in Asia relative to the U.S. and Europe.

Latin American optimism slipped this quarter, down to 64 in Mexico, 69 in Chile, 54 in Brazil, and only 36 in Ecuador. Optimism increased to 61 in Peru. Nearly half of firms in Peru say that economic prospects have improved since President Kuczynski resigned, compared to only 16 percent who say prospects worsened. Sixty-one percent say that the political and economic environment has stabilized.

Economic uncertainty is the top concern among Latin American CFOs, with 69 percent of firms listing it as a top-four concern. Other concerns include government policies, worker productivity, and currency risk. Capital spending is expected to grow 2.5 percent and employment 2.2 percent over the next year. Eighteen percent of Latin American firms say their systems have been penetrated by hackers. Nearly 55 percent have taken steps like two-factor authentication to make it more difficult for hackers, 38 percent have installed new software or changed procedures, and 32 percent have increased employee training on best practices. Generally speaking, Latin American firms have taken fewer anti-hacking steps than companies in other parts of the globe.

Business optimism in South Africa fell to 51 this quarter, down from 59 last quarter. Nigerian optimism fell to 54 from 62. Median employment should increase by 3.6 percent over the next 12 months, while capital spending will fall. Interest rates are expected to fall over the next year, leading to increased business spending next year. The biggest concerns for African CFOs are governmental policies, economic uncertainty, corruption, access to capital, and employee morale. Twenty-seven percent of African firms say their systems have been penetrated by hackers. Sixty-one percent have taken steps like two-factor authentication to make it more difficult for hackers and 52 percent have installed new software or changed procedures. The amount of preventive corporate cybersecurity policies is less in Africa than in the U.S. and Europe but is greater than in Asia and Latin America.