Quantifying the financial benefits of cybersecurity poses a challenge but CFOs can bridge the gap by quantifying its impact in monetary terms. However, it remains unclear whether CFOs want to prioritise digital trust
The digital landscape means building and maintaining trust has become more challenging for organisations, as the risk surface for cyber breaches has broadened.
Now, more than ever, it is crucial for CFOs to prioritise digital trust in order to protect their bottom line and maintain their customer base.
Recent from ISACA indicates that finance leaders should focus more on digital trust strategies after their findings revealed one in five (22%) businesses in Europe have experienced increased cyberattacks in the past year.
According to the report, an overwhelming majority of respondents, including CFOs and finance directors (79%), acknowledge that demonstrating a commitment to digital trust is likely to achieve success.
“While 84% of respondents feel that digital trust is extremely or very important to organisations today, 75% feel it is relevant to their organisation, fewer (64%) say their organisation prioritises digital trust corresponding to its level of importance,” the report states.
“Interestingly, 91% of those currently measuring digital trust maturity feel digital trust is extremely or very important to their organisation,” it adds.
According to the ISACA, digital trust refers to several characteristics a business should possess, including: a positive reputation, reduced privacy breaches and cybersecurity incidents, reliable data for decision-making, and strengthened customer loyalty.
Chris Dimitriadis, chief global strategy officer at ISACA, says CFOs understand that cybersecurity directly impacts the financial well-being of an organisation. However, quantifying the financial benefits of cybersecurity poses a challenge.
“CFOs can bridge the gap by integrating cybersecurity into financial frameworks and quantifying its impact in monetary terms,” says Dimitriadis.
The CFO’s crucial role in building digital trust and navigating cybersecurity challenges is far-reaching.
They contribute in various ways; CFOs must work with procurement departments to ensure their service providers adhere to cybersecurity policies, as well as ensure their supply chains remain protected.
Collaboration between CFOs and cybersecurity professionals is therefore essential, necessitating mutual training to bridge the gap and facilitate effective communication. However, within most organisations, a lack of official channels with regard to cyber security means information sharing is often disjointed.
Dimitriadis, however, says this could be resolved by driving collaboration across departments.
“Before we go to frameworks and strategies, it all starts with people. So increasing training and the skills of the people in those positions, starting with upper management and going down to the staff, is essential to give everybody a shared understanding,” he says.
“After you’ve increased the people’s skills, and the way they express and convey their messages, and so on, those people can work together to implement a holistic framework for the organisation. Because at the end of the day, it’s about business. It’s about the continuity of the business success on the company,” says Dimitriadis.
Dimitriadis suggest that CFOs receive cybersecurity training and in tandem impart financial knowledge to cybersecurity professionals within their business. He says that by speaking the same language, and quantifying cybersecurity in monetary terms, these two critical roles can effectively communicate and align their efforts.
SimSpace CFO Jamie Gerber, says some organisations have not even formalised cybersecurity management, and instead have given responsibilities to existing groups.
“It is not coincidental that cybersecurity concerns have reached the board level and are being addressed through the audit committee,” he says.
“The audit committee, with whom the CFO frequently interacts, often takes charge of cybersecurity matters. In cases where a company’s board lacks a dedicated risk committee, the audit committee assumes responsibility for overseeing various risks, including financial reporting, operational, and notably, cyber risk,” says Gerber.
According to the ISACA research, 41% of respondents cited both a lack of leadership buy-in and a need for more alignment between digital trust and the organisation’s goals as serious. The report further states that this is a severe blocker of progress.
Gerber told the CFO that poor education amongst board members meant they were failing to ask CFOs the right questions.
He said this meant questions around how a company can withstand a cyber-attack were not adequately answered.
“Our company has a very robust set of internal controls. And, we do use our methods amongst good cyber controls designed to keep us and our customers safe,” says Gerber adding that this was not always the case, especially in giant multi-billion corporations.
ISACA’s research also signalled that a lack of budget was a barrier for 38% of respondents, indicating that businesses lack resource to mitigate digital trust issues.
According to the report when zooming in on regions, overall Africa reports more obstacles to overcome than other regions. It has the highest incidence in the categories of lack of skills and training, lack of leadership buy-in, lack of alignment with enterprise goals and digital trust not being a priority.
Respondents from Oceania rank highest for noting the lack of budget.
Concerns were also raised around the provision of digital trust training. The report states that 49% of respondents identify a need for more skilled staff and training as obstacles to achieving high levels of digital trust.
The findings indicate the need for businesses to prioritise investment in digital trust training and skills development – from the C-suite to entry-level employees.
Digital trust is a critical factor in an organisation’s success, and CFOs play a pivotal role in navigating the challenges it presents.
By championing cybersecurity initiatives, integrating it into financial frameworks, and fostering collaboration with cybersecurity professionals, finance leaders can help build a secure and trusted ecosystem.
In addition, as organisations strive to meet regulatory expectations and gain stakeholders’ trust, CFOs must actively embrace their role in promoting digital trust for the continuity and protection of their organisations.
