|
Join Our List
|  |
| |
Deborah Adkins,
served as judge at the NAWBO 2015 Business Plan Competition September 17th. Zanibel Melo, Higher Dreams, won in the Established Category and Gina Garcia, Trikaroo, won in the Emerging Category.
|
|
Our Services:
|
- Business & Strategic Planning
- Financial Reporting & Accounting Management
- Cash Flow Management
- Government/
Defense Contracting - Turnaround/Crisis Management
- Bankruptcy (Debtor and Creditor)
- Forensic Accounting/
Litigation Support - M&A/Due Diligence and Integration
|
|
Our Offices:
| |
Orlando
5971 Brick Court
Suite 100-B
Winter Park, FL 32792
407.679.7600
Tampa
2202 N. Westshore Blvd.
Suite 200
Tampa, FL 33607
813.507.3600
South Florida 110 East Broward Blvd
Suite 1700
Ft. Lauderdale, FL 33301
954.651.8044
|
|
|
| September 2015 |
Managing Cyber Risk
The CFO's Role
by Keith Blackman, CPA, Principal
 While cybersecurity seems to be prevalent in everyone's mind, including those in our business community, not too many in the C-suite realize that responsibility for cybersecurity readiness and planning should fall within the purview of the CFO. With recent news of cyber-attacks on Fortune 500 companies - Sony, Anthem, Home Depot and Staples come to mind - it seems that cybersecurity has become the latest buzzword in today's society. Yet, it appears that most senior executives of small to medium-sized entities still think that data breaches only happen to larger companies. A recent study by the Ponemon Institute shows that most breaches involve fewer than 10,000 records, indicating that they occur more often at smaller rather than larger companies.
What is Cybersecurity?
According to the University of Maryland, cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction, and data breach is defined as the unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information. Since the sanctity and reliability of data, especially financial data, comes under the auspices of the CFO, it follows then that he/she should be tasked with the control, flow, reliability and accessibility of this data.
Costs of Data Breach
The 2015 Cost of Data Breach Study: United States issued by the Ponemon Institute, indicates that the average cost of a lost or stolen record containing sensitive or confidential information increased from $201 to $217. This means that a data breach involving 10,000 records would cost the victimized entity around $2.17 million. To further illustrate the point, this would represent a 22% loss in value for an entity valued at $10 million, 11% for an entity valued at $20 million and so on. The Study also indicated that the total average cost paid by organizations which had been breached increased from $5.9 million to $6.5 million.
The CFO's Role
With numbers so relatively staggering, it is easily understandable why the ultimate responsibility for managing cyber risk should be placed with the CFO. The Chief Financial Officer, as the name implies, is responsible for all financial matters of the organization. Along with being the chief custodian of the company's assets, the CFO is also responsible for financial strategy, planning and risk management, among others. Therefore, a risk that could potentially wipe out a big chunk of the organization's enterprise value should be of major concern to the CFO.
Since one of the CFO's responsibilities within the organization is risk management, and with the threat of cyber-attacks and concern with data breaches presenting a huge, ever-present risk to the organization, it is imperative that the CFO be aware of relevant risk mitigation factors, the cost of alternative options and the cost-benefit ratio of each one. Furthermore, with enough information about the probability of each relevant cybersecurity threat to the entity, alternative mitigation factors, along with the costs and benefits of implementing them, it can become viable to prepare risk models to help the organization in its decision-making process when initiating a cyber preparedness plan.
It is true that the actual nuts and bolts of a cybersecurity readiness plan may more effectively be handled by a Chief Information Security Officer (CISO). It is also true that the technical aspects of any cybersecurity plan may be better detailed by other IT personnel. However, the prevailing wisdom is that an effective plan for achieving and maintaining cybersecurity preparedness is best implemented using a cross-functional or inter-disciplinary team involving IT, legal, marketing, compliance, finance and risk management. Furthermore, based on the CFO's role within the organization and the importance of proper cybersecurity strategy and planning for the entity, this team should be led by an internal or out-sourced CFO who also has the ultimate responsibility of both getting buy-in from top management and reporting on the risks and possible solutions to the company's Board.
|
About Nperspective
| 
Nperspective, LLC provides interim, part-time, and project CFO services using a flexible engagement model that is dependent on our clients' unique business needs. Our partners are seasoned CFOs who focus on rolling up their sleeves, are accommodating to client needs and helping create significant value from within their finance organizations.
|
|
|
|
|
