Connect with us

Business

WAYS TO KEEP YOUR HYBRID WORKPLACE SECURE FROM THE IRREVERSIBLE DAMAGE OF A CYBER ATTACK

Published

on

By Alex Bransome, CISO at Doherty Associates, specialists in managing and securing cloud services in the finance sector.

 

recent in-depth study into 3000 UK firms and 2000 employees commissioned by our team at Doherty Associates found that 42% of the financial and legal firms questioned including those in private equity, investment and asset management, said their firm was inadequately protected against the cyber risks of hybrid working.

At the same time, one in five of the firms admitted that a major cyber attack could significantly cost their business at least £10 million or more in irreversible damage such as through loss of sensitive information, corporate and confidential data, due to a GDPR breach or fine, and long-term reputational damage to the firm.

Yet hybrid working is here to stay for over half of the firms we spoke to, despite being more vulnerable than ever to a cyber breach. A recent BBC poll on 50 of the biggest employers in Britain, including investment firms JP Morgan, Rathbones and investment bank VSA Capital, said they had no immediate plans to bring staff back to the office full-time.

And you can see why flexible working is the preferred choice for both firm and employee, as over a third of the finance and legal professionals we spoke to said that they found it easier to win new business and close deals when working from home.

However, a more flexible, hybrid scenario is creating increasingly complex cyber security challenges as employees move between different set-ups, in different places, using different devices.

 

More than one front door

With employees working outside of the office, using a blend of personal and company devices, finance firms no longer have a single ‘front door’ to protect but a multitude of entry points to secure against cyber criminals.

While it remains the case that most information leaks out by accident, the chances of this happening increases with more employees working from home, as the ‘attack surface area’ extends out to every device being used, no matter who owns it. At the same time, cyber criminals are finding ever more sophisticated ways to target remote employees, with finance an increasingly attractive target due to the high value of transactions.  What’s more, it seems a high number of employees working remotely are experiencing cyber or data breaches unknown to the firm.

 

It’s the unknown you need to worry about

52% of the finance and legal firms we interviewed said their organisation has yet to experience a cyber attack or data breach since transitioning to remote working since the first UK Covid-19 lockdown back in March 2020. Yet, a quarter of employees said they had been the victim of a data breach or caused one themselves since working remotely, one in seven had experienced a phishing attack or similar, and 42% admitted to emailing confidential client information or unencrypted attachments.

The difference between how many firms are detecting breaches compared to the reality of them occurring suggests that employees are not reporting all of the mistakes they make. It also shows that firms are still in need of a well-rounded cyber security programme that incorporates protective, detective and responsive solutions, if they are to keep their information, people and workforce safe.

It’s not the tip of the iceberg you need to worry about. It’s the bit you can’t see underneath. Underestimating the risks and vulnerabilities that come with home and hybrid working could prove costly.

 

Reinforce your moats to protect your castles

Many firms appreciate that a single ‘castle and moat’ perimeter defence approach – where employees are protected within the boundaries of the office firewall – is no longer fit for purpose in a hybrid workplace. However, some are struggling to keep up with the fast-moving challenges that blended working brings, but there are steps your firm can put in place to safeguard a firm’s ‘borderless’ network.

  • Improve your cyber hygiene and widen your security perimeter to protect those working outside the office

Cloud-based technologies such as Data Loss Prevention and Information Protection can help protect against data leakage. Ensure that all internet facing systems have multi-factor authentication, so employees keep their identity secure while working remotely, and restrict the use of personal devices.

Use software that ringfences and encrypts all the corporate data on a mobile or ‘bring your own’ devices as this means the corporate data can be wiped if the device is lost or stolen without this affecting any personal data – such as family photos – if the device is then found or recovered.  Also using disk encryption to protect all data on company devices such as laptops, will mitigate the risk of it being lost or compromised if the device is stolen.

Ensuring though that no company information is shared via personal cloud storage platforms where documents can easily be forgotten, and just as easily hacked, is also advised.

  • Conduct a cyber risk assessment at least every six months to improve your security posture

This will identify and address any critical vulnerabilities, gaps or compliance issues. An assessment should involve identifying your most important/critical assets; identifying any weakness/vulnerabilities in those assets, or in how they are used or accessed, assessing the likelihood of a risk materialising; and finally identifying controls to help address the identified risks, to reduce risk to an acceptable level.

  • Carry out regular cyber awareness training

Over a third of the financial professionals in our poll say they’ve had no cyber training since working from home from the start of the pandemic despite the fact that they are now using different software and platforms to collaborate as well as a mix of personal and work devices.

Building in regular comprehensive cyber security awareness training for every employee is critical to safeguarding against any vulnerabilities, weak spots or compliance breaches.

It should most importantly clearly convey your organisation’s approved methods of working, communicating and sharing data. Beyond this, user awareness should cover the end user security best practices and how to spot common attacks such as phishing, plus phishing assessments to actively test and measure awareness levels across the organisation.

Empowering employees with the knowledge to identify threats in real-time can become a firm’s greatest security asset so making cyber security training a ‘must’ and not just a nice-to-have is critical in this new era of hybrid working.

Your firm is only as safe as your weakest link but cyber savvy employees, robust cyber security measures, and a strong cyber defence system will keep both firm and workforce safe and secure no matter where they are.

 

Business

THE EVOLVING TECHNOLOGY NEEDS OF THE FINANCE DEPARTMENT

Published

on

By

Jennifer Sims, Senior Consultant at Xledger

 

The world of finance software is evolving quickly, but with many new software contenders entering the market it can be a mindfield for organisations. Many finance teams are already using multiple accounting apps and software packages for bookkeeping, payroll and invoicing to service individual needs. Whilst it may work fine for now, this segregated approach isn’t sustainable for long-term growth. The world is swiftly moving to agile, automated ways of working. As a result, there is a growing need to choose suppliers that can fulfil multiple functionalities within the one platform.

Financial software is evolving at such a pace that it can be difficult to keep up. Changing up a finance solution is a big step and ease of migration can be a substantial factor in determining which solution provider to go with. But how do you choose a solution that will grow with your business and still offer something innovative in five or ten years down the line? The fear is always that non-techie organisations will end up falling behind, but in such a highly concentrated industry, how do you decide which solution would work best for you?

 

Cloud-first: the term that makes all the difference 

You could find a ‘cloud-based’ service with an application that comes with automated audit trails to make it easier to meet compliance and record-keeping obligations, for example. But for a solution to offer all of the many future benefits promised by the cloud, it needs to have been built specifically for a cloud environemt from the outset – ie. not an on-premise built system that has been later adapted. Cloud-first services (true cloud) were always intended to leverage economies of scale, cope with live updates, be accessible from anywhere with an internet connection, and to scale rapidly, to name just a few of the many benefits.

When we talk about innovation in financial technology, we’re not just talking about software that makes it easier for the financial controller to create reports. If eliminating reliance on Excel spreadsheets is the only tangible benefit you have to really shout about, you are missing out on the real deal. With ‘true’ cloud finance software the sky is the limit.

Finance and accounting technology needs to directly meet the needs of the finance function and support the wider business needs.  When looking at accounting software platforms you’d be hard pressed to find one that doesn’t now promise ‘cloud-based’ enterprise resource planning (ERP) capabilities. The cloud is nothing new, but it’s the way that a solution harnesses this environment that makes a real difference. And here is where there is a need to read between the lines.

 

Automate more with true cloud 

Historically, repetitive and manual tasks are typical of the finance role – from invoice postings to expense claims handling – these can overwhelm the finance team. Research by Xledger[1] has found that an enormous 91% of CFOs and finance decision makers are carrying out at least one of these repetitive tasks as part of their job. What’s more, senior finance leads are averaging a whopping 25 hours per week carrying out repetitive and manual tasks, compared with 15 hours for other finance decision makers.

A modern, true cloud finance system can enable your business to automate repetitive tasks and provide one source of truth so that teams can make informed business decisions that will help to scale a business. Bank reconciliation, dashboard creation and reporting are just some of the tasks that can be handled automatically.These capabilities are aiding overtasked finance teams and saving hundreds or thousands of hours a year.

Whilst different companies are at different stages in their digital transformation what is clear is keeping up with the latest technology is fundamental to the future success of an organisation.

Xledger is a true cloud finance solution. The basics include invoicing, robust general ledger accounting, detailed slice and dice reporting, purchase orders, billing, VAT reporting, and cash and bank payments. It also adds process and structure to the enterprise with procurement and inventory, budgeting and forecasting, and project accounting. Users are always on the latest version of the software and with regulation more stringent than ever today, Xledger is ISO 27001 accredited.

Choosing the right provider for your financial ERP solution comes down to whether it has the fundamentals right. When hosting all of your vital data in the providers’ own servers, it should evidence a highly tested security process that comes with backup services as standard.

As our demand for technology capabilities grows and as ERP models progress, innovation will become the structure for growth – and there is no end to the possibilities.

 

Continue Reading

Business

HOW RETURNS ABUSE AFFECTS RETAILERS

Published

on

By

By Aaron Begner, EMEA GM at Forter

 

Accompanying the significant growth in ecommerce over the past 12 months, is the need for retailers to manage the impact of a growing array of fraud and abuse challenges. One type of fraud that can easily fly under the radar is the abuse of a merchant’s returns policies.

Returns abuse can be difficult to detect and prevent for retailers, as often it is a challenge to identify fraudulent behaviour vs. a ‘usually-good’ consumer trying to bend – but not break – return policies. Therefore, it’s often a challenge to identify how returns abuse actually affects retailers. Here are three of the biggest ways that returns abuse negatively impacts business.

 

Lost Revenue

The most obvious effect that returns abuse has on a business is lost revenue, which can be significant. Research indicates that returns abuse may be costing retailers up to $15 billion per year. When fraudsters purchase items with the intent of abusing returns policies, the retailer makes no profit. Furthermore, it stops legitimate customers from purchasing the items they want, as fraudsters who don’t want the items are moving them around.

Various types of returns abuse can profoundly damage retailers’ bottom lines. Some tactics, such as shoplisting, where fraudsters try to obtain a refund for a list of products listed on a perfectly valid receipt, yet that they never purchased to begin with, can significantly impact retailers’ bottom line.

 

Increased Operational Costs

Returns abuse doesn’t only affect revenue pertaining to the products themselves. There are also operational costs to consider. An increase in returns abuse will often lead to more consideration being put into checking every return, for signs of abuse taking place. This can range from missing tags to damage or wear on the product. This process can be time-consuming, meaning more resources might be necessary to continue operating in an efficient manner. Handling and warehousing costs can also begin to increase, with returned items becoming significantly less valuable.

 

A Poor Customer Experience

As returns abuse continues to increase, many retailers will feel pressure to tighten their return policies. This could range from reducing the allotted time for eligible returns, to only issuing store credit instead of cashback. In some cases, more extreme measures such as requiring a restocking fee for more expensive merchandise will be taken.

While these are all effective ways to help diminish the effect of returns abuse on retailers, they can also have an adverse effect on a retailer’s customer experience. If loyal customers have become accustomed to a more flexible and forgiving return policy, they could be taken by surprise when it’s more difficult for them to return their items.

Ultimately, it can be tricky to balance the two. Returns abuse negatively affects retailer revenue and the overall business, but so does a poor customer experience.

 

The Negative Impact of Returns Abuse Cannot Be Understated

Returns abuse is often overlooked. It can be difficult to detect, but significantly impacts revenue and operations. Because stricter return policies may restrict loyal customers, the reputation of a retailer’s business can be affected. Poor customer experiences can lead to bad reviews and a loss of current and potential customers. Because of this, returns abuse prevention should be a top priority for all retailers.

With this information in hand, retailers can get a better understanding of how returns abuse affects their business and why they need to put a prevention plan in place, as soon as possible.

 

Continue Reading

Magazine

Trending

Business2 hours ago

THE EVOLVING TECHNOLOGY NEEDS OF THE FINANCE DEPARTMENT

Jennifer Sims, Senior Consultant at Xledger   The world of finance software is evolving quickly, but with many new software...

Business2 hours ago

HOW RETURNS ABUSE AFFECTS RETAILERS

By Aaron Begner, EMEA GM at Forter   Accompanying the significant growth in ecommerce over the past 12 months, is the...

News2 hours ago

TINTRA PLC FINALISES JOINT VENTURE WITH ARTIFICIAL INTELLIGENCE PARTNER TO BUILD INDUSTRY CHANGING REGULATORY TECHNOLOGY

Innovative fintech company, Tintra PLC(https://tintra.com/), has formed a joint venture with award-winning Artificial Intelligence and Machine Learning business, TMC2, via...

News2 hours ago

CELLPOINT DIGITAL PARTNERS WITH VYNE TO ENABLE INSTANT OPEN BANKING PAYMENTS FOR MERCHANTS

The partnership will allow CellPoint Digital customers to incorporate Vyne into its payment ecosystem and access instant payments without a...

Business3 days ago

WHY A MULTI-ACQUIRER STRATEGY IS KEY TO GLOBAL GROWTH

As online business grows exponentially, finally fulfilling the internet’s promise of a ‘global village’ in which anyone can buy and...

Business3 days ago

TAKE THE NO-CODE LEAP TO DIGITAL INNOVATION WITH A FUSION TEAM

Chris Obdam, CEO, Betty Blocks   In the last couple of years, a new sector has emerged alongside enterprise financial...

Finance3 days ago

HOW FINANCIAL ORGANIZATIONS CAN PROTECT THEIR DATA

Yuval Wollman, President, CyberProof and Chief Cyber Officer, UST   Top executives from Wall Street’s largest banks pinpointed cybersecurity as the...

Top 103 days ago

IF IT’S A LOSS, YOU’RE TOO LATE – WHY THE INSURANCE INDUSTRY NEEDS TO FOCUS ON FIRST NOTIFICATION OF RISK

Simon Dicks, Insurance Channel Manager EMEA, Lytx   Insuring commercial fleets can be an expensive business. Average repair costs have...

Business3 days ago

IDENTITY SECURITY IN THE ERA OF SOX

By Steve Bradford, Senior Vice President, EMEA, SailPoint   The Sarbanes-Oxley Act (SOX) is a federal law that mandates practices...

News3 days ago

EXPERIAN LAUNCHES VERIFICATION SERVICE TO SUPPORT FASTER, MORE ACCURATE LENDING DECISIONS

Work Report™ is the UK’s first service that automates the digital sharing of payroll information on behalf of the consumer...

News4 days ago

TENUREX AND ELUCIDATE PARTNER TO INCREASE FINANCIAL INCLUSION WORLDWIDE

TenureX and Elucidate have announced a strategic partnership with a mission to increase financial inclusion worldwide and tackle the laborious...

Banking4 days ago

WHY THE TIME IS NOW TO BANK BEYOND BORDERS

by Lili Metodieva, MD of Monneo   As our world becomes more interconnected, so too does the need for banking...

News4 days ago

PAYCAST PARTNERS WITH MARQETA AND MASTERCARD FOR NEW MARKETPLACE PAYMENT SOLUTION

Paycast will leverage Marqeta’s modern card issuing platform and the Mastercard network to empower marketplaces with payment solutions that help...

Finance5 days ago

HOW FS ORGANISATIONS CAN USE API-DRIVEN DATA AUTOMATION TO JOIN THE OPEN BANKING REVOLUTION

By Steve Barrett, Senior Vice President, International Operations at Delphix    Technology is rapidly transforming all industries across the world. However, for the...

Banking5 days ago

IT’S TIME FOR BANKS TO SIT THEIR CUSTOMERS DOWN AND TALK OPEN BANKING

Eugene Danilkis, CEO at Mambu   We are living in an experience economy, and banking is no different. Customers need...

Banking5 days ago

WILL CHALLENGER OR TRADITIONAL BANKS WIN THE SECURE CARD PAYMENTS BATTLE?

By Vince Graziani, CEO, IDEX Biometrics ASA   Challenger banks have shaken up the payment ecosystem in the last decade....

Banking5 days ago

TOP ITALIAN BANK ROLLS OUT FIRST OF ITS FULLY DIGITAL BRANCHES WITH AURIGA

Banca Carige Smart, the new intelligent branch model enabled by Auriga #NextGenBranch solutions , combines digitalisation with a human touch...

Banking5 days ago

HOW BANKS CAN PROTECT THEMSELVES AGAINST RANSOMWARE

Jay Ralph, Managed Cloud Global Sales Lead at SoftwareONE   We’ve seen a slew of high-profile ransomware attacks in 2021. From hackers...

News5 days ago

BLOCKERS TO BLOCKCHAIN ADOPTION LIFT FOR 65% OF FINANCIAL ORGANISATIONS

Four years of data from Visma | Onguard’s Fintech Barometer finds growing confidence in blockchain technology   65% of organisations...

News6 days ago

SAME DAY REMITTANCE IS A WELCOME BOOST FOR SMALL MERCHANTS THIS BLACK FRIDAY

UTP Merchant Services, Jaime Lowe, Sales Director On November 26th, much of the globe will witness the start of the...

Trending