The Business Advisory Blog

The Business Advisory Blog

Insight, news and updates from Alliott NZ Chartered Accountants, Auckland New Zealand. The views expressed here are the views of the author and should be discussed in further detail should an article be relevant to your individual circumstances.

While every effort has been made to provide valuable, useful information in this publication, this firm and any related suppliers or associated companies accept no responsibility or any form of liability from reliance upon or use of its contents. Any suggestions should be considered carefully within your own particular circumstances, as they are intended as general information only.

Vanessa Williams
Published on

CFOs need to take a broader view on risks

catch fish hook-9331. Phishing

Staff either open attachments or click on links in emails that download malicious code, or they are lured into providing passwords and login details.

2. Malware

Rogue software, such as computer viruses, is loaded onto an enterprise system as a result of a phishing attack or by staff accessing compromised websites.

3. Data theft

Unauthorised system access by hackers leads to data breach and theft. Disgruntled personnel may use thumb drives to download files without authority.

4. Shadow IT

Business units buy cloud-based computing services without the oversight of the IT team, so risk creating systems vulnerabilities when they link these systems to core enterprise applications.

5. Distributed Denial of Service

A coordinated attack using botnets (hijacked computers) to access an online service; the flood of bots blocks access to the service for legitimate users.

6. Ransomware

Malware is used to encrypt company data and a ransom is then demanded to access the encryption key. Ransomware is now in decline as many companies have learned to protect themselves with rigorous and regular back-ups.

7. Zero-day exploits

Hackers may seek to exploit software flaws, using them as a way into a company’s systems. Regular software patching reduces the risk.

8. Crypto-jacking

Hackers gain access to poorly protected computing resources and hijack them to mine cryptocurrencies such as Bitcoin. This dramatically slows computing speeds for bona fide processing.

If you have a major cybersecurity event that impacts the organisation’s records, whether there is a financial penalty or not, there is an impact on the trust of the organisation and on reputation which will ultimately impact the finances.

Always keep up to date, maintain dialogues with your IT providers, be proactive and take charge.

Article originally published by Acuity.partica.online. (2019). [online] Available at: https://acuity.partica.online/acuity/august-september-2019/insight/the-era-of-the-cyber-resilient-cfo

Topics: cloud accounting cybersecurity cyptocurrency data Penalties Phishing security