This recording is part of a three-part podcast series with AccountingWEB and SAP Concur, where we look at a range of issues facing the modern finance leader: from the challenges of career progression to the world of artificial intelligence. You can get to the podcast series hub here.
In episode three of our forward-looking finance leader podcast series, we take a close look at cybersecurity and the finance function’s role in keeping the business safe.
Barely a day goes by seemingly without a new tale of cyber misery. Official statistics seem to support this notion: according to the government’s Cyber Security Breaches Survey, around a third (32%) of businesses and two in ten charities (22%) report having cybersecurity breaches or attacks in the past year.
This number is much higher specifically among medium businesses (60%), large businesses (61%) and high-income charities (52%).
On top of these deliberate criminal efforts, routine mistakes like duplicate invoices and inaccurate expense claims frequently slip through the net at many businesses. For finance directors, it can feel like death by a thousand cuts.
So, what can finance leaders do to insulate themselves, their finance team and the business at large from these threats? We assembled three excellent guests on this podcast to find out:
- David Hawes, the finance director of Devon Air Ambulance
- Adam Harling, the founder and managing director of Netitude, a provider of cybersecurity and managed IT services
- Natalie Gwilt, the senior director of account management at SAP Concur
In the episode, we discussed the difference between whaling and phishing, the importance of people and training, the best IT policies for cybersecurity and the importance of culture in creating a secure business.
It’s a difficult topic to address. As Natalie Gwilt put it, many businesses “don’t want to wash their dirty laundry publicly” and the embarrassment of a breach or duplicate invoice might make you clam up, but speaking openly is the first step in a solid defence.
Changing the culture around cybersecurity, David Hawes said, starts at the top. “I encourage people to be honest about their mistakes and near misses,” he said, “while being absolutely clear about what isn’t accepted.”
Only once the culture is right, Hawes said, can technology make a real difference to your security. Tech amplifies an effective culture, making your business more secure than ever.