Connect with us

Finance

CFOs – the forgotten ally in the fight against ransomware

Published

on

Justin Vaughan-Brown, VP Market Insight at Deep Instinct

 

Ransomware attacks have nearly doubled in the past couple of years. According to a new report from an international law firm the number of ransomware attacks reported to the Information Commissioners Office (ICO) went up within a year from 236 to 654 in 2021.  With threat actors using increasingly advanced methods to launch attacks, organisations are too often financially unprepared when disaster strikes.

Apart from taking a mental toll, cyber-attacks put significant financial burdens on an organisation. Our own research among the C-Suite and IT security decision makers revealed that last year, UK-based organisations paid an average ransom of £3 million. While the decision to pay the ransom should fall on the shoulder of CEOs and CFOs, in many cases the latter were side-lined from the decision-making process. In only 14% of cases, financial officials play an active role in making final decisions around paying ransoms. This is an alarming proposition, as ransomware at its core is a financially motivated attack.

The unmasking of this vast disconnect in ways that the management team determines the risks and aftermath on their organisations after a cyber-attack, reveals a potentially risky misalignment of understanding and priorities when it comes to securing their organisation. So why do CFOs feel that their organisations are not prepared to face a cyber-attack and how does the CFO’s perception of the company differ from that of the CEO?

Justin Vaughan-Brown

Why do CFOs feel their firm is ill-prepared against cyber-attacks?

One of the core challenges is the financial cost gap between those willing to pay a ransom and those who paid a ransom. Those who were willing to pay a ransom demand vastly underestimated the cost. For example, respondents who would be willing to pay a ransom in the future, estimated that the pay-out would cost, on average, £760,000; however, in reality the average amount paid was four times higher – standing at £3 million. In addition, it was revealed that only 32% of organisations were able to recover their entire data and show positive outcomes after the ransomware attack.

While CFOs of a company play a major role in boosting the morale of an organisation, CEOs are expected to exude confidence in their organisation. If CFOs do not assume their place in the team to help fight cyber-crime, then the organisation develops a false sense of security. This leads the CEOs and other members of the organisation to believe that they can effectively fight malware gangs.

Due to the plummeting number of financial officials being involved in the risk assessment of cyber-attacks on their organisation, fewer and fewer CFOs feel confident enough to state that their organisations are prepared to withstand a cyber threat. CFOs have also been excluded from making the decisions of paying ransom to malware gangs despite it being a financial issue.

For example, 56% of respondents stated they had paid the ransom to recover their data, with only 14% claimed that their CFO had made the decision – in the other 29%, the CEO had been in charge. Given the fact that there is a true monetary risk to such decisions, it’s essential that CFOs and financial executives should have a critical role in these decisions.

Moreover, only 12% of CFOs are actively involved in the risk management processes and hence only 14% feel their organisation is prepared to withstand a cyber-attack. On the other hand, 63% of CEOs are under the impression that their organisation is well prepared for it.

A wake-up call for the exec suite

From the organisations we spoke to, nearly two-thirds of the respondents confessed that their business had endured a ransomware attack. With the increasing number of cyber-attacks, it has become essential for an organisation to assess the impact a cyberattack may cause. Threat actors provide no assurance that all the data that has been encrypted will be returned even after a ransom is paid. In such cases, it would be important to have an estimate on the losses incurred.

Only 38% of respondents seemed confident in evaluating monetary value to the data within their organisation and analysing the potential impact of the loss. But 48% of organisations revealed inadequacy and inaccurate assessment of the cyber-attack and in some cases, no assessment at all.

Firms should initially analyse the monetary risks of a ransomware attack and response accurately to understand the true cost of any decisions, or else they will fall into the pit of false security after the true cost of the ransom is revealed. It’s imperative that senior executives at all levels should be a part of the ransomware response strategy and all relevant decision-making processes. Afterall, they all have a role in making sure that the business is buoyant and prepared in the face of adversity.  Otherwise, organisations will continue to fill the pockets of cybercriminals, while incurring huge losses themselves.

Finance

Is your business ready for finance automation?

Published

on

By

Mari-Frances Bentvelzen, Business Head and General Manager of Global SMB at SAP Concur

 

As managers continue to drive their businesses through these uncertain economic times, it is important for them to properly equip and guide their organisations. Small to medium-sized businesses (SMBs) are looking to save money during this inflation crisis. By looking carefully into different areas, there are many hidden costs that can be found to combat rising expenses and interest rates.

With 2023 approaching, it’s time for businesses to be more proactive towards improving their processes. Automating administratively heavy tasks can be hugely beneficial in saving time and resources, both of which can have a big impact on the bottom line.

Although travel logistics, expense tracking and invoice processing can sound like a lot of background noise, these processes can all be optimised through automation. This offers more visibility for finance leaders and helps free up valuable time and resources for employees within the organisation.

Identify which key areas need automation

The first step to adopting automation is highlighting which areas can be improved with specific technology. This includes auditing the business and identifying which areas are outdated. From this point, businesses need to determine which processes and procedures may benefit from digital transformation. High on the list are manual processes and data input — two areas that often are riddled with mistakes and delays. Automating these areas proves to be useful for both the organisation and its employees.

Another common issue that finance leaders face is lack of access into full spend visibility. To improve decision making, managers must be confident about the trusted insights, transparency and perspectives in their business. Reporting tools and automated processes can help verify expenses through integration with other vendors and systems.

Without automation, it is difficult for finance departments to ensure all data has been inputted and centralised. This can make it difficult to determine the most appropriate and potentially effective areas to target cost-saving measures. Spend management solutions can, however, provide finance leaders with full visibility into where their money is being spend, enabling any spend that does not correlate with policy to be flagged. This can help businesses to reduce non-compliant spend and increase policy and regulatory compliance.

Find the best solution for both business and employees

Once these areas are identified, the business must adjust for compliance requirements, infrastructure changes and spend changes. Finance leaders should select the best solution to streamline current processes, whilst also improving budgetary controls and employee safety and satisfaction.

It is important for companies to place employee experience and innovation at the forefront of decision making, with training and ongoing employee support. Expenses — the reimbursement process, specifically — often have an under-appreciated role in employee engagement.

In fact, the new SAP Concur Employee Experience study reveals that 70% of employees in the UK are concerned about the impact of cost-of-living increases on their personal finances. And it’s late reimbursements for expenses that are causing employees to worry, with 56% worried about delayed reimbursements impacting their personal finances. This is why it is crucial for organisations to adopt automation to help accelerate processes and relieve reimbursement worry.

We worked with Brother UK (Printing and technology solutions) to automate their processes within their internal finance department. Brother has many employees who have worked for the company for more than two decades, with many processes identical to the day they started. Unsurprisingly, these employees were reluctant to making big changes, as they were used to carrying out their work in very specific ways. And with the obvious talent crisis, Brother realised that it was more important than ever to focus on the employee experience.

Brother put their employees first, ensuring communication remained transparent during the entire project. The company also brought staff directly into the decision-making process, elevating buy-in and a sense of ownership over forthcoming changes.

Now that Bother has automated many financial tasks, employees within the finance department are able to spend more time on strategic and rewarding work, rather than menial and time-consuming tasks. This improvement has been a positive experience for all. It has also helped employees to progress further in their careers.

Plan for the unpredictable future

Do you work for an SMB considering such changes? Don’t hesitate — now is the time to take the proactive step to streamline and grow your business. Overall, SMBs are being faced with the unknown and are being forced to adapt or pivot their business models. Finance automation will help futureproof your business during these uncertain times, bringing a level of stability to your organisation. This will allow employees to focus on future growth ambitions and make more informed decisions without having to worry about laborious tasks.

It’s important to remember a key part of running any business is relationship management — both with customers and employees. It’s important to choose solutions that will help drive profit margins whilst also acknowledging employee needs. For small businesses, maintaining clear communication with employees will not only help to ensure solution implementation is successful, but will also help to soften any resistance to automation.

And there’s so much more beyond basic finance automation. By taking an even deeper dive into invoices and expenses, businesses can find key data to help underpin certain goals such as reducing carbon emissions for business travel or enabling employees to submit expenses from anywhere at any time.

In the long run, digitising tired manual processes makes it more affordable for all businesses, no matter the size, to offer a competitive advantage during this era of change.

Continue Reading

Finance

Cost of living: How to identify vulnerable customers

Published

on

By

Ellie Engley is account director at REaD Group

 

In the current climate, the cost of living crisis is a real challenge for financial services companies who need to be able to support their vulnerable customers. One in six (17%) of UK households (4.4 million) are now in ‘serious financial difficulties’, compared to one in ten (2.8 million) in October 2021 – an additional 1.6 million households – according to research from Bristol University, while it was recently reported that one in five adults across the UK – nearly 11 million people – have fallen behind with at least one household bill payment.

As a financial services provider, it has never been more important to be able to identify and communicate appropriately with vulnerable customers; those who, due to their personal circumstances, are especially susceptible to detriment. Not only that, but there are three different levels of poverty to be aware of: ranging from income below minimum income standard, not enough income and destitution.

As a financial service provider, then, it has never been more important to communicate sensitively to customers, price products appropriately and protect customers from fraud.

Identifying vulnerable customers

As a responsible brand, the first step is to proactively identify vulnerable customers to exclude from particular direct marketing campaigns, where additional credit or non-essential purchases could increase the pressure on their personal circumstances. This is an ethical approach to direct marketing which also sees companies increase ROI and improve campaign success.

Using both internal first party and third party data, it is possible to build up a detailed picture of customers in order to identify the existing vulnerable groups, as well as the emerging vulnerable groups within your customer base.

This data can identify vulnerable and potentially vulnerable segments of consumers, including self-declared vulnerability or that shared by a first party, such as a bank, on behalf of the consumer, along with high-cost short term credit applications; houses of multiple occupation (HMO data); and consumer vulnerability metrics. This latter employs a segmentation model which takes into account census data to provide information on demographics, such as age, income, housing, education, financial products, affluence measures; transient states such as health; market forces acting on the consumer and their susceptibility to those forces; and the individual’s market preferences.

Taken together this data will provide a rich and detailed understanding or levels and types of vulnerability so brands are able to work with their customers responsibly. Gaining a better understanding of differing vulnerable segments in a customer base helps drive effective communication strategies, while simultaneously ensuring fair treatment.

Other warning signs

Changes in transactions and behaviour are another way to identify vulnerability in customers. It may be necessary to identify different segments or groups of customers who are classed as vulnerable for different reasons. Those consumers who were once deemed ‘financially stable’ now feel financially stretched and are at greater risk of financial vulnerability through increased cost of living and rise in inflation.

The use of third party datasets can also support the identification of these groups which provide information on changes in personal circumstances, short-term finance requirements, loss of income or employment and changes to relationship or residential status.

Using external data variables helps companies make data-driven decisions on how to price products, reduce fraud, identify vulnerable customers and ultimately make more personalised decisions using data. Data can be used across different teams, including marketing, fraud and pricing, for multiple purposes and projects.

Being able to supplement the data they hold on a customer can help marketing teams to not only help identify risk but help define what their need state actually is, whether that’s saving, moving house or having children. Enhancing customer data helps companies make better informed decisions.

Keep it clean

On top of this, every financial services provider should be keeping their consumer data clean and accurate. Data that is up to date will help businesses make more informed and responsible decisions about how they communicate with customers and prospects.

Above all, financial service providers should be mindful of the many more people who are now vulnerable, and communicating with care should be a brand’s mantra for the foreseeable future.

 

Ellie Engley is account director at REaD Group, a Sagacity company, which uses its data products, insight and expertise to help its clients get closer to their customers.

Continue Reading

Magazine

Trending

Business5 hours ago

Hidden channel costs: how to find and tackle them

By Mark Wass, Strategic Sales Director, UK and North EMEA at CloudBlue     Growth for businesses will always be a...

Finance11 hours ago

Is your business ready for finance automation?

Mari-Frances Bentvelzen, Business Head and General Manager of Global SMB at SAP Concur   As managers continue to drive their...

Top 1011 hours ago

The power of a proactive customer service

By Delia Pedersoli, COO, MultiPay   2023 is shaping up to be another challenging period for B2C businesses. While the...

Business11 hours ago

Automation nation: Liberating workers from desks, data entry and the doldrums

Gert-Jan Wijman, VP of EMEA at Celigo.   Just when businesses thought the tough times were over, even more challenges...

News11 hours ago

Protean and Fino Payments Bank tie-up to expand PAN card issuance services in India

Fino Payments Bank has tied up with Protean eGov Technologies (formerly NSDL e-Governance Infrastructure Limited), a market leader in universal,...

Business19 hours ago

What is the True Cost of SMS Phishing?

Gemma Staite, Threat Analytics Lead   Cybercriminals will recycle attack strategies for as long as they are effective. In Fraud...

Technology1 day ago

Digital Asset Management (DAM) To Transform Enterprise Brand Management

Alexander Rich, Co-founder and CEO – Desygner    Rapid digital transformation fuelled by the pandemic has undoubtedly proven beneficial to...

Finance1 day ago

Cost of living: How to identify vulnerable customers

Ellie Engley is account director at REaD Group   In the current climate, the cost of living crisis is a...

Banking1 day ago

Is traditional business banking the best option for SME finance squeezes?

Airto Vienola, CEO, AREX Markets  The pressures facing business and personal finances alike have been well documented. Stories are now starting...

Business1 day ago

Breaking down communications silos to streamline the customer experience

Dave Tidwell, Head of Technical Pre-sales, DigitalWell   The pandemic has, without doubt, moved the goalposts when it comes to...

Business1 day ago

How growth can be a big challenge when a business becomes multiple entities

By Paul Sparkes, Commercial Director of award-winning accounting software developer, iplicit. Organisations don’t just grow in size – they also...

Wealth Management1 day ago

Keeping Cyber Insurance Premiums Down with Deep Observability

By Mark Coates, VP EMEA, Gigamon There is no doubt that the cyber insurance industry has experienced something of an...

Business1 day ago

When it comes to innovation, ignore your CEO and listen to your customer

 By Alex Hammond, Partner, Airwalk   At its core, the 2008 financial crisis was a result of banks incorrectly managing...

Business1 day ago

Netflix-style ransomware makes your organisation’s data the prize in a dark subscription economy

By John Davis, UK & Ireland Director, SANS Institute. Today’s subscription economy makes accessing nearly any service as easy as hitting enter....

Banking1 day ago

BANKING FOR BETTER 

By Alex Kwiatkowski, Director of Global Financial Services, SAS. From shifting market dynamics and mounting geopolitical tensions, to skyrocketing cyber threats...

Banking1 day ago

Why traditional banks need to embrace the agility of fintech competitors

Paul Higgins, EMEA Banking Lead, Mendix   Tech has long played a role in the finance space. The legacy applications running...

Technology1 day ago

SaaS Procurement’s Silver Bullet – How Automation is Changing the Game

Sven Lackinger, Co-Founder, Sastrify   Sven Lackinger is Co-Founder at Sastrify, the digital procurement platform for Software-as-a-Service products. Founded in...

News1 day ago

Tata Motors partners with IndusInd Bank to offer exclusive Electric Vehicle Dealer Financing

Key Highlights:   One-of-its kind Electric Vehicle Inventory Financing program for Tata Motors’ dealers  Limits extended towards EVs will be over...

Finance1 day ago

astrantiaPay Selects SaaScada to Enrich Swiss Landscape of Business Payments and Fill Market Gap

Swiss financial firm, astrantiaPay, to use SaaScada’s cloud-native core banking engine to simplify cross-border payments for SMEs and facilitate international...

Business2 days ago

How Big Data is Transforming Bilateral Trading

By Stuart Smith, Co-Head Business Development – Data & Risk at Acadia   Since its inception, Big Data has been...

Trending