74% of businesses lost money due to a data breach in the last three years. Our experts share practical ways to protect your business from digital threats.

Your role in defending against digital risk

Your top priority is protecting your organisation's financial health, which explains why defending against threats is typically the first stage in the CFO digital maturity journey.

Cyber attacks and data leaks are a significant risk to continuity, causing downtime in business-critical systems, loss of information, regulatory penalties, and financial losses.

These can damage a business's reputation, with long-term impacts on customer loyalty and stakeholder relationships.

Below, we reveal the most common digital weaknesses identified in our survey of over 500 finance leaders, and how to overcome them.

Meet the expert

Vijay Rathour

Vijay Rathour, Head of Cyber and Digital Investigations, shares why finance leaders should care about cyber.

1.

Develop skills in cyber resilience 

More than a third of businesses don't train their people on data security.

Sharing knowledge about cyber and data threats helps finance teams and the wider business respond appropriately to suspicious activities like phishing emails or calls.

Align with IT and cyber security teams to roll out continuous skills development and awareness initiatives, giving employees the confidence to identify and handle cyber threats.

Training doesn't have to be an annual checkbox exercise. Regular role play is an effective way to prepare for cyber crises. These interactive sessions use real-world examples to educate teams to spot threats and understand the consequences of a mishandled breach.

2.

Create robust incident response plans

Nearly a third of CFOs don't have cyber incident response plans, while one in three don't monitor regularly for data breaches or cyber threats.

Operational resilience is key to protecting the company's financial health. Help your business respond more effectively to data and cyber incidents in the following ways: 

1. Categorise incidents

Clearly define incidents to determine an appropriate response during an event or crisis, depending on whether it's low, medium, or high impact.

2. Establish a communication strategy

Create a robust communication strategy for internal stakeholders and external audiences to ensure key details are shared with the right people at the right time.

3. Get pre-approved external advisers

Keep pre-approved external advisers on standby to make quick and informed decisions during a crisis.

4. Invest in scenario planning

Conduct regular scenario planning and simulations to help people across the business understand how to handle cyber events so they don't escalate into crises.

"An incident response plan is vital. Investments in improving cyber security are crucial and the cost is almost insignificant compared to the losses incurred by a cyber crisis. Cyber attacks are inevitable, so don't wait for a crisis to hit. Plan ahead to minimise the impact."
Vijay Rathour Partner, Head of Cyber and Digital Investigations
3.

Govern AI and emerging technologies

The top two risks CFOs anticipate over the next 12 months are that artificial intelligence (AI) will allow competitors to undermine their business, and that it will create new risks within the business.

Five threats from AI

1. Security 

AI has the potential to leak confidential data, which could lead to market-price changes or the exposure of commercially sensitive information.

2. Privacy

AI systems that handle personal data must comply with regulations like GDPR, which require explicit consent from the data subjects.

3. Intellectual property

AI systems might store proprietary information which vendors could use to create standardised products and offer them to competitors.

4. Regulation

Businesses must comply with various regulatory requirements, such as the EU AI Act, or risk penalties. 

5. Cost

AI implemented without a clear commercial strategy could result in wasted outlay.

AI not governed correctly can cause both reputational and financial damage to a business. CFOs must work closely with technology and governance colleagues to make sure any new use of the technology is compliant and secure – especially in highly regulated industries, such as pharmaceuticals or banking. 

Updates to governance frameworks should give CFOs visibility over all AI solutions used or developed within the company so they align with strategic and reputational goals. Likewise, governance should ensure the training, validation, and testing of datasets so they’re free of errors and relevant to the intended purpose. 

"The rapid advance of AI means CFOs must act fast to incorporate the new risks and opportunities into their governance frameworks. This requires close cross-functional collaboration with legal, governance and compliance departments, or securing the right third-party advice."
Alex Hunt Head of Data Analytics and Automation, Business Risk Services
4.

Keep up with compliance

CFOs identified keeping up with changes to regulatory requirements as the top digital business risk in the next year.

Regulation is finally catching up with the rapid technological leaps of the past five years. 

The EU AI Act

Billed as the world's first comprehensive AI law, it applies to any companies doing business in or with the EU. Failure to comply can result in fines of up to EUR 35 million.

GDPR and UK GDPR 

GDPR was introduced to protect the vast amounts of personal information held by organisations. As AI systems depend on large amounts of personal data, the regulation has never been more salient. 

Technology isn’t static, nor is regulation. CFOs need to make financial operations compliant with present laws and regulations while futureproofing for inevitable updates. 

5.

Improve your control environment

27% of CFOs say that enhancing the control environment is one of their top digital investment priorities for their business.

CFOs must present accurate and reliable financial information, with severe consequences for misrepresentation. Strict controls on data reduce the risk of accidental error.  

Five ways to implement data controls

1. Tighten access

Establish clear policies and advanced controls to limit who can do what within financial systems. This includes ensuring proper segregation of duties to prevent conflicts of interest, such as making sure that the same person can't both raise and approve a purchase order.

2. Implement advanced finance controls 

Monitor changes in financial data, track who has made changes, and guarantee a clear trail of evidence for all transactions. Techniques like anomaly detection and Benford analysis can identify unusual patterns that might indicate fraud or errors.

3. Verify that data is accurate, reliable, and complete 

Put robust processes in place to verify the accuracy of financial reports and guarantee that all data goes through proper controls and governance. Automating financial processes like reconciliations and approvals reduces the risk of human error and increases efficiency.

4. Scan for process debt 

Process debt describes inefficiencies and outdated processes that can undermine a control environment. To avoid this, CFOs must regularly audit financial IT systems to keep pace with current needs. 
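Two of the controls above, sketched as an added example (not code from the survey or its authors): a Benford first-digit test with a chi-square statistic, and a check for purchase orders raised and approved by the same person. The ledger amounts, the 5,000 approval limit, and the record fields are constructed assumptions.

```python
import math
from collections import Counter

# Benford's law: expected share of leading digit d is log10(1 + 1/d).
BENFORD = {d: math.log10(1 + 1 / d) for d in range(1, 10)}
# Chi-square critical value for 8 degrees of freedom at the 5% level.
CHI2_CRITICAL_8DF = 15.507

def leading_digit(amount):
    """First significant digit of a non-zero amount (sign and scale ignored)."""
    return int(f"{abs(amount):.15e}"[0])

def benford_test(amounts):
    """Return (chi2, flagged) for leading digits compared with Benford's law."""
    digits = [leading_digit(a) for a in amounts if a]
    n = len(digits)
    if n == 0:
        raise ValueError("no non-zero amounts to test")
    observed = Counter(digits)
    chi2 = sum((observed[d] - n * p) ** 2 / (n * p) for d, p in BENFORD.items())
    return chi2, chi2 > CHI2_CRITICAL_8DF

def sod_violations(purchase_orders):
    """IDs of purchase orders raised and approved by the same person."""
    return [po["id"] for po in purchase_orders
            if po["raised_by"] == po["approved_by"]]

# Constructed sample data (not from the survey or any real ledger).
# Amounts spread evenly on a log scale over three decades follow Benford closely.
ORDINARY = [10 ** (2 + 3 * k / 300) for k in range(300)]
# Same ledger plus 60 payments clustered just under a hypothetical 5,000 limit.
CLUSTERED = ORDINARY + [4900.0 + k for k in range(60)]
ORDERS = [
    {"id": "PO-1", "raised_by": "alice", "approved_by": "bob"},
    {"id": "PO-2", "raised_by": "carol", "approved_by": "carol"},
]

if __name__ == "__main__":
    for name, ledger in (("ordinary", ORDINARY), ("clustered", CLUSTERED)):
        chi2, flagged = benford_test(ledger)
        print(f"{name}: chi2={chi2:.1f} flagged={flagged}")
    print("segregation-of-duties violations:", sod_violations(ORDERS))
```

A flagged result is a prompt for review, not proof of fraud: small samples and amounts constrained to a narrow range (fixed fees, capped expenses) do not follow Benford's law.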

"CFOs must ensure that data controls not only exist but are owned by specific individuals in the business. This creates accountability and traceability should something go wrong."
Phil Burgess Enterprise Applications Director
6.

Act today to manage tomorrow's risks

Just two years ago, few people knew the term large language model (LLM); now, we can't imagine meetings without an AI summary. The pace of change can make managing technology risk daunting.

However, CFOs have no choice but to get involved in all areas of digital defence, from cyber security to compliance.

In doing so, they create a safe environment for their organisation to proceed to the next stage of digital maturity: building solid foundations.

    Footnote

    *The CFO Digital Survey is an anonymous questionnaire for 300 CFOs at businesses with £50 million-£1 billion annual revenue (mid-market) and 200 CFOs/GFCs at businesses with more than £1 billion annual revenue (large corporates). The data was obtained in June 2024.

    All respondents come from UK-based businesses across a range of sectors and regions.