Finance Professionals Offer a Powerful Defense Against Cybersecurity Threats
By Christina Quaine.
A recent PwC survey revealed that growing cybersecurity threats are the top concern of CEOs around the world. It’s no surprise, because malware, ransomware, and phishing scams that give criminals access to sensitive customer and financial information can lead to severe financial loss and irreparable reputational damage. a company.
As businesses look to better protect themselves, payments remain a major concern. AFP’s 2022 Payment Fraud and Control Survey found that 71% of organizations were victims of payment fraud attacks or attempts in the last year. Checks, still the primary source of payment for many businesses, were the payment method most affected by fraudulent activity, accounting for 66% of attacks.
Businesses have powerful allies to help them protect against growing threats: the finance and payments team. These professionals can leverage advanced technologies, including artificial intelligence (AI), and security best practices to keep a watchful eye and ward off potential attacks.
Here’s a look at how they can serve as an effective layer of defense, bolstering the protection of their organizations against cybercrime that can have devastating effects:
Get a 360 degree view of the threat environment and understand the risks
Understanding and raising awareness of cybersecurity risks is the first step in training finance and payments teams to help protect against them.
PwC reports that cybersecurity attacks have not only increased in number, they have become more sophisticated and ransom demands higher. Remote and hybrid work environments put organizations at increased risk of security breaches as people spend more time on their computers and often work on less secure personal networks and devices.
Record labor shortages, including an insufficient number of cybersecurity professionals to provide protection, are also behind the creation of a riskier business environment. Eighty-five percent of finance professionals surveyed in a global cybersecurity survey by Trellix said they believe the current labor shortage makes it difficult to secure systems and increasingly complex information networks.
Which department is most at risk? AFP’s 2021 survey shows Accounts Payable (AP) services are among the most sensitive. Fifty-eight percent of respondents report that their AP service has been targeted by BEC fraud, a persuasive approach in which a criminal sends an email to an employee, impersonating a senior company executive and asking the employee to approve a payment or release. customer data. Employees often fall into the trap of scams unless they are informed and on their guard.
Rely on state-of-the-art technology to protect information and financial transactions
The majority of financial institutions surveyed by software vendor VMWare plan to protect against threats by increasing their cybersecurity budget by 20-30% this year.
The team responsible for managing sensitive customer and financial data and managing critical financial transactions, including billing and payments, is one of the prime places to allocate budget: the AP team. Outdated, error-prone tools and processes, such as spreadsheets and paper checks, put organizations at increased risk.
Automating risky manual billing and payment processes with AI-powered AP solutions can provide the controls and transparency organizations need to better detect fraudulent threats. It also allows organizations to offer suppliers electronic payments, a much more secure method of payment than paper checks.
Automated cloud-based AP solutions protect sensitive data by storing it in secure electronic formations and implementing controls to ensure appropriate access to it. Built into the solutions, AI provides 24/7 fraud protection as well as malware and intrusion detection. It can, for example, identify important missing invoice details, track unexpected increases in invoice volumes, track after-hours logins, and make it difficult to tamper with documents.
The greater visibility also helps the finance team identify past payment transactions and behavior patterns to better predict future transactions.
Establish security protocols and training procedures to support the finance team’s protection efforts
In addition to raising risk awareness and phasing out legacy equipment and processes that are becoming increasingly sensitive, organizations can protect themselves against cybercriminal activity by establishing a strong security culture.
This means sharing the news and reporting ubiquitous issues, so workers are alert, well-prepared and understand that safety and security are top priorities.
Together, departments can create and share policies and procedures that clarify expectations and define security protocols. Effective security protocols include requiring remote workers to use company-owned devices, VPNs and secure internal networks and firewalls to protect sensitive information; regularly update company-owned software with security patches; and never leave devices unattended.
Alarmingly, more than half of respondents to PwC’s 2022 Global Digital Trust Insights survey expect to see an increase in cyberattacks. There is no doubt that criminals will continue to take advantage of vulnerabilities as they emerge, evolving their methods and targets to thwart prevention strategies.
While it’s impossible to predict what new tactics might emerge, proactive prevention strategies and trusted technology partners are still the best defense.
Christina Quaine is Chief Information Security Officer and Senior Vice President of Technology Operations for AvidXchange. She is responsible for the company’s cybersecurity program, leading efforts to reduce the risk of unauthorized access to sensitive data and personally identifiable information.