Nearly half of executives expect cyber attacks targeting accounting, other systems

Nearly half (48.8%) of C-suite and other executives expect the number and size of cyber events targeting their organizations' accounting and financial data to increase in the year ahead, according to a new Deloitte Center for Controllership poll.

Yet just 20.3% of those polled say their organizations' accounting and finance teams work closely and consistently with their peers in cybersecurity.

During the past 12 months, 34.5% of polled executives report that their organizations' accounting and financial data were targeted by cyber adversaries. Within that group, 22% experienced at least one such cyber event and 12.5% experienced more than one.

"Accounting and financial data is the lifeblood of organizational operations — and often meant to be kept confidential outside of highly regulated public disclosures for publicly traded organizations," said Temano Shurland, a Deloitte Risk & Financial Advisory principal in finance transformation, Deloitte & Touche LLP. "While there may not have been much need for accounting, finance and cyber teams to work closely in the past, recent years have shown that's no longer the case. We strongly recommend that these teams try to 'learn each other's languages' and tighten their working relationships across silos."

Looking to the year ahead, 39.5% of respondents expect to increase the amount of collaboration between their finance and cyber teams. Currently, the majority (42.7%) of polled leaders say their organizations' finance and cyber teams only work together as needed with inconsistent closeness and consistency, while 11.1% do not work together at all.

"As cyber incidents increase in frequency, size and complexity, adversaries target nearly any data obtainable and by leveraging system vulnerabilities," said Daniel Soo, a Deloitte Risk & Financial Advisory principal in cyber and strategic risk, Deloitte & Touche LLP. "Implementing financial security operations — something you could call FinSecOps — means protecting financial data. Asking finance, accounting and security functions to team closely to manage FinSecOps is one preventative step we're seeing leading organizations take, so that they are agile enough to mitigate threats to financial data and help enable business growth."

Over 1,100 C-suite and other executives were polled during a recent Deloitte Center for Controllership webcast, titled " Cyber's growing role within the finance organization to enable transformation," on Oct. 26, 2022. Answer rates differed by question.

Show Comment