FinSecOps a team effort in fight against finance cybercrime

Nearly half (48.8%) of C-suite and other executives expect the number and size of cyber events targeting their organisations' accounting and financial data to increase in the year ahead, according to new research from Deloitte.

The results emerged in a new Deloitte Centre for Controllership poll. A total of 48.8% said they expected to be targeted, yet just 20.3% of those polled say their organisations' accounting and finance teams work closely and consistently with their cybersecurity team members.

Over the past year, 34.5% of executives reported that their organisations' accounting and financial data was targeted by cyber adversaries. Within that group, 22% experienced at least one cyber event, and 12.5% experienced more than one.

"Accounting and financial data is the lifeblood of organisational operations — and often meant to be kept confidential outside of highly regulated public disclosures for publicly traded organisations," says Temano Shurland, a Deloitte Risk & Financial Advisory principal in finance transformation, Deloitte & Touche. "While there may not have been much need for accounting, finance and cyber teams to work closely in the past, recent years have shown that's no longer the case. We strongly recommend that these teams try to 'learn each other's languages' and tighten their working relationships across silos."

FinSecOps can help protect financial data

Looking to the year ahead, 39.5% of respondents expect to increase the amount of collaboration between their finance and cyber teams. Currently, the majority (42.7%) of polled leaders say their organisations' finance and cyber teams only work together as needed with inconsistent closeness and consistency, while 11.1% do not work together.

"As cyber incidents increase in frequency, size and complexity, adversaries target nearly any data obtainable and by leveraging system vulnerabilities," says Daniel Soo, a Deloitte Risk & Financial Advisory principal in cyber and strategic risk, Deloitte & Touche. "Implementing financial security operations — something you could call FinSecOps — means protecting financial data. 

“Asking finance, accounting and security functions to team closely to manage FinSecOps is one preventative step we're seeing leading organisations take so that they are agile enough to mitigate threats to financial data and help enable business growth."