Cyber attacks can cripple effect businesses. Finance professionals must install the necessary system security.
Kudakwashe Charandura, partner at SNG-GT, informed accountants attending the Finance Indaba 2018 at the Sandton Convention Centre that even though innovative technology brings exciting opportunities for businesses, it also comes with new risks that companies need to safeguard against.
He asked a room full of finance professionals:
“How many of you have received an e-mail saying you’ve won millions of dollars or that your dead uncle has left you an inheritance worth millions of dollars and you have to send them your banking details?”
The crowd nodded knowingly.
Kudakwashe told attendees that’s just one of the few scams that come with technology. Other more serious examples included the US company Equifax which had a data breach affecting 143 million people and, in South Africa, a data breach in real estate saw 60 million identity numbers leaked.
But what do all these attacks have to do with finance professionals? Kudakwashe thinks that this is not just an IT problem but also affects finance professionals. Technology has resulted in changes in the finance profession – they no longer use paper to do their work, they use computers and cellphones, which can be hacked. “Finance professionals face new risks and challenges, and are often targeted by cyber criminals,” explained Kudakwashe.
Accountants are often victims of a cyber attack because they hold sensitive client information such as tax returns and payroll data, and they are in charge of payments.
It is therefore vital for accountants to have tougher controls around their IT systems and make sure that they are adequate to deal with these risks.
The impact of a cyber attack on a company is huge and sometimes leads to financial loss, drop in share price, information loss and brand reputational damage.
Kudakwashe said:
“It’s important for CFOs to partner with a cyber security team to combat cybercrime, you can’t leave it to IT alone.”
Cyber security has to be moved up to board level and have strategies developed around it.
Kudakwashe advised accountants to identify all the weaknesses and every possible way a hacker can harm their companies and find solutions to this. “Look at what is more important and where your crown jewels are, and put controls around that,” he explained.
[cfocoza-cta slug=finance-indaba-africa-2019-register-for-free]
He admitted that one can never have 100 percent security because there’s always a chance that a hacker will get through whether it’s on a mobile device or laptop. However, it is important for companies to build cyber resilience so that the business can still continue after an attack.
“You need an incident response stage with specifics on what employees should do when your company is under attack and how you’re going recover from a cyber attack,” added Kudakwashe.
Kudakwashe likened cyber security to an onion which has lots of layers and insisted companies have to put layers of security around their data to make it difficult for cyber criminals to break through.