Potential for undetected breaches – main security concern for CFOs

Tuesday 29 July 2014 10:15 CET | News

More than 1,000 chief financial officers (CFOs) and corporate controllers have mentioned that the potential for undetected breaches is considered the main cyber security and data privacy concern within their organization, as unveiled by a study conducted by audit, tax and advisory company Grant Thornton.

According to Skip Westfall, managing director, Forensic Technology Services leader and Cybersecurity Services co-leader at Grant Thornton, the results point out where the trend is going and that is no longer just an IT security manager’s responsibility or role within the organization, the C-level executives are getting involved and they understand that it has to be an enterprise-wide look at what they have.

While the recent Target issue certainly wasn’t the first data breach to occur at a high-profile company, Westfall said that two important things came out of it as it relates to senior executives, namely vendor management and protecting data outside the ‘four walls’ of the organization and secondly, the need for greater situational awareness by companies in detecting and mitigating the damage of breaches.

The report indicates that other cyber security concerns among respondents included customer/client data privacy (54%), unknown and identified risks (50%), employee and workplace data privacy (42%) and compliance with data security laws (32%).

Despite the concerns that many corporate executives now express regarding cyber security and data privacy within their organizations, there still seems to be a disconnect between the gravity of the problem and what’s actually being done to mitigate the threat. For example, another research by Grant Thornton shows that while more than 40% of in-house counsel claim that the risk of a cyber-security/data privacy breach has increased in the past year, 17% said that they were still unsure about what was being done to address these risks in their organizations.

While most executives tend to view data breaches in terms of large-scale cyber incidents like Target or something along the lines of the Heartbleed bug, Westfall declares they fail to realise that most of the times a data breach can still involve something as simple as misplaced or stolen paper documents and don’t always involve a sophisticated hacking scheme.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: data breach, Target, US, security, online fraud, digital identity, cyber-fraud, cyber-security
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime