Are you ready for global risk?
Cybersecurity risk, response and remediation strategies
Cyber risk is a serious issue in today’s global economy. The average data breach costs $4 million, according to the 2016 Cost of data Breach Study: Global Analysis research. The biggest loss is customer flight, a tarnished reputation, down time, and legal consequences. It could even take your business down. The Association of International Certified Professional Accountants (the unified voice of The Chartered Institute of Management Accountants® and the American Institute of CPAs) acknowledges the risks that cybersecurity threats pose to businesses, and in response, has developed a free cybersecurity reporting framework that organisations can use to assess and demonstrate the effectiveness of an entity’s cybersecurity risk management programme.
What are some of the threats that organisations face?
Cybersecurity is not just an IT concern but also a business issue. This means finance professionals need to be fully engaged to help effectively mitigate and recover from cyber threats which can disrupt business operations.
Common threats include:
- Malware
- Ransomware
- Botnets
- Malvertising
- Phishing
- Application attacks
Application attacks in particular are on the rise, as application development is increasingly moving online. While “hackers” often carry the blame for these attacks, other actors include disgruntled employees and employees who fail to follow recommended IT policies.
The trend is also growing in Africa, where cyber criminals are known to use encryption to carry out their threats online. Indeed, cyber-attacks are far more sophisticated than traditional scams. Today, super scammers rely on weak passwords to fool users into revealing their passwords, gain free followers on Instagram, and expose customer data on websites. Furthermore, people who use outdated application versions and unlicensed software are more at risk of becoming victims of cybercrime.
What can management accountants do?
While IT specialists are often the first choice when assembling a cybersecurity team, management accountants can develop an integrated approach to cybersecurity risks to ensure that appropriate measures are in place.
Some of the responsibilities management accountants hold include:
- Protecting information from unauthorised access
- Guarding against improper use of systems•
- Enabling timely access to and use of information and systems
In addition, companies must establish a response team to deal with security breaches. The goals of the response team are:
- Reduce losses
- Help the business return to normal
- Support investigations
- Facilitate crisis communication
Resources to prevent and mitigate cyber threats
Organisations can use the Association’s cybersecurity risk reporting framework to demonstrate to key stakeholders the extent and effectiveness of their cyber risk initiatives. The framework provides a standard way of doing things and is designed to help organisations build a coherent approach to cybersecurity risk management. This information will increase confidence in the organisation’s ability to mitigate cyber risk and protect customers, employees, and investors. The Charted Global Management Accountant (CGMA) cybersecurity tool also provides additional guidance to help management accountants protect their organisations from cyber risks.
And why not grow your cyber security expertise even further?
In addition to using the framework, develop the skills you need to successfully address today’s cyber threats at the upcoming Cybersecurity certificate workshop taking place in Johannesburg on 16 August. Book your tickets at https://www.cimaglobal.com/Cybersecuritygauteng.