Cyber Security White Paper
Cyber Security: A fundamental component of Enterprise Risk Management (ERM)
While cyberattacks have hit virtually every industry, the two industries most impacted by cyber security incursions, breaches and theft of data, are financial services and health care. Financial services and the medical world are inexorably connected to the world-wide internet.
In a recent speech OCC Head Thomas Curry said,” The financial-services industry is one of the more attractive targets of cyberattacks, and unfortunately the threat is growing.” Further, one growing area of concern is the potential for criminals to target smaller banks.
Analysts at the Gartner research group estimate that the health care industry is generally about ten years behind the financial services sector in terms of protecting consumer information.
Basic components of cyber controls framework, and ERM (Risk Management):
- Governance: Cyber Security Companies in all industries need to establish a cybersecurity governance framework which is a central leg of the ERM infrastructure.
- Cyber Risk Assessment: Through risk assessments, companies understand the specific risks to their organizational infrastructure and operations.
- Technical Controls: The selection of specific controls by any company is dependent the company’s individual risks.
- Vendor management: At every touch point vendors can introduce cyber threats (e.g. – viruses) into a company’s systems and data bases.
- Incident Response Planning: The primary objective of an incident response plan is to provide a framework to manage a cybersecurity event in a way that limits the damage, and deals with the legitimate concerns of third parties.
- Staff Training: Without adequate staff training and related awareness, the rest of a company’s cybersecurity program can be easily compromised.
- Cyber Insurance: While almost unknown five years, many companies have chosen to obtain cyber risk insurance.
The above has been extracted from a White Paper by Tom Van Lenten, Director, CFO Consulting Partners. Download PDF
Would You Give Your Accounting Department an A?
Dear Mr. CFO, would you give your accounting department an A?
If you can answer YES to 9 out of 10 items, then you may have an “A” functioning accounting department. The following questions are addressed to the CFO, but can generally be answered by the CEO and many other senior executives?
1. Do you provide answers to requests in two hours?
2. Are you able to close the books in a maximum of 7 days?
3. Do you have written comprehensive policies and procedures for main processes, and are they followed?
4. Do all members of the senior management team have a solid understanding of the key business drivers?
5. Would your CEO and other senior executives consider you to be their partner?
6. Do you have a budget and report monthly variances against it?
7. Are you generally able to complete your tasks and goals on time?
8. Do you have a mentor?
9. Do you report bad news within 2 hours?
10. Are your receivables less than 45 from the last day of work completion (not from when you send out the invoice)?
CFO Consulting Partners unlocks the full potential of accounting and finance functions in small and midsized public and private companies.
If you would like a confidential, no obligation meeting with one of our partners, please email Allan Tepper at atepper@cfoconsultingpartners or call him at 646-650-2028 X701.