The days of finance and IT operating individually from one another in the organisation are long past.

Gone are the days of the CFO focusing only on balance sheets and budgets – today the CFO is expected to play a constantly evolving role that calls for a multifaceted level of knowledge that ensures technological efficiencies across the organisation.

Speaking at the CFO World Congress at the CTICC in Cape Town recently, a panel of business experts gave their opinion on the CFO’s perspective on technological innovation and its implications for business.

Driving innovation

Louw Barnardt, MD of Outsourced CFO said financial directors should fully understand the technology driving companies, how it influences their own work in the business, and the importance of protecting it.

“This elevates the CFO’s role from merely reporting on figures to a more influential decision-making position in the company, and a trusted advisor to the CEO.”

Montegray Capital CEO Michael Jordaan added that financial professionals should ensure all decisions made within the business are well informed and data insight driven.

Carl Wöcke, founder of Merlynn Specialised Software Development, said CFOs should spend money on technologies that make the company faster and more responsive.

“Robotic process automation can handle intelligent functions like processing bank statements, opening emails, and posting values to specific fields. Within the artificial intelligence space the scope is unlimited. Business should be investing in technologies that enhance the efficiency of the organisation,” said Wöcke.

Social media as a tool
Social media platforms not only have the ability to break down barriers within the organisation, but assist with making market predictions using insights that otherwise would not be at the company’s disposal.

“Used effectively, social media is extremely powerful. Tesla CEO Elon Musk famously showed he did not have to go to market to raise capital – one tweet to his two million followers made his share price rise 4% in just 10 minutes,” said Jordaan.

Barnardt said social media can also be effective in the recruitment process – a well-worded advert on LinkedIn can source the right candidates for a position without incurring recruitment costs.

New tech challenges

Decision Performance Conseil CEO Frederic Doche said the CFO’s responsibility is to promote innovation, and transform security risks into opportunities.

Carl Wöcke concurred, adding the technologies the CFO should be considering are those that bridge the functions of the organisation, create better transparency and improve responsiveness.

CFO crucial in cyber response plan
Cybersecurity needs to be entrenched throughout the organisation, embedded in every system and in all departments. A cyber protection plan is for the entire business, not merely parts of it.

Over the past three years, cyber has extended way beyond being simply an IT issue, calling for the CFO’s mandate, focus and responsibility within the organisation to become increasingly important within the cyber agenda.

Nathan Desfontaines, Managing Director at CyberSec, said not only is the proliferation of cybercrime increasing, but the style of the attacks is changing and their complexity reducing.

“The most common form of cyber attack at the moment is the social one, targeting specific individuals in the organisation. These are known as spear-phishing emails, they are simple, and designed to appear to come from someone the recipient knows and trusts, like a colleague,” said Desfontaines.

Usually the victims have high levels of access to corporate data, such as the CEO or CFO. Trusting the email, they click on the link and malware is planted on their device. The malware mines their system for data, compromising security in the process.

Ransomware is also common. Hackers use malware to lock down an organisation’s server before demanding a ransom, usually in the form of Bitcoin as a non-traceable currency, in exchange for decrypting and releasing the data.

Kris Budnik, director of the cyber advisory practice of PWC, maintains that the awareness of the CFO around cyber security is crucial not only for the security programme within the organisation, but because the position of CFO is particularly vulnerable to being singled out for money extraction.

Martin Butler, head of the MBA programme at the University of Stellenbosch Business School, believes organisations need to be more proactive, rather than only reacting once attacked.

“A cyber incidence response plan can never consider every possible breach scenario. But when the company is hit, be it by a denial of service attack or ransomware, there should be a simulated plan of action put into play,” said Butler.

Desfontaines believes such a cyber strategy plan not only needs to be implemented throughout the business, but that it is the CFO’s responsibility to see its culture-wide adoption, and to ensure the impact of cyber risk is fully understood by every department and inculcated through the entire organisation.

“Cyber risk must be understood across the entire organisation. Every department has an intricate part to play in making sure the reputational damage and direct financial loss from a cyber attack is managed and minimised,” he said.

The question of how much of the budget should be allocated to cybersecurity is difficult to answer, as each business is different, said independent high risk security researcher Linda de Beer.

“First, conduct a cyber maturity assessment to determine your risks, see your vulnerable areas, and identify the key risk areas that need protecting. Only then can you start building your cybersecurity budget – there is no one-size-fits-all solution,” said De Beer.

Original Post Brainstorm Magazine