Keep Your Financial Information Secure: The Stats, Facts, and Data

Rose Report: Issue 64

By Ted Rose, CEO, Rose Financial Solutions

From ransomware to malware and everything in between, cybersecurity is a top concern for most business leaders. If the security of your company’s data keeps you up at night, you are not alone. According to the  2022 Thales Data Threat Report , which examines the impacts on organizations as they navigate today’s complex security environment, 43% of senior leaders surveyed reported increased attacks from 2021 to 2022. Furthering data security concerns, the March 2023 news of Microsoft Outlook’s CVE-2023-23397 zero-day is a reminder of just how advanced cyberattacks have become. The vulnerability, rated at 9.8 out of a maximum of 10, is triggered even before an email is read in the preview pane, exposing user information and allowing threat actors to exploit network resources.

While hybrid and remote work offer numerous organizational benefits, including greater productivity, reduced stress, and decreased operating costs, this paradigm shift concerns CIOs and IT professionals. In fact, according to a  study  conducted by OpenVPN, 90% of respondents believe remote workers pose a security risk in general, and 54% believe that remote employees pose a greater security risk than onsite employees. These concerns are understandable since home devices tend to be less secure than those in the office, providing cybercriminals easier access to a company’s network and financial information. 

Cybersecurity threats aren’t the only risks that companies face; malicious and accidental insider threats are also rising, according to a 2022  study  by cybersecurity firm ProofpointInsider. While the study found that 56% of the surveyed organizations’ incidents were caused by negligence, 26% were related to a criminal insider and 18% to a user credential theft incidents. The average annual cost to remediate the incident was $6.6 million.

Whether a criminal act is committed internally by employees or externally by entities attempting to gain access to a company’s financial data, the cost to an organization is high. To keep financial information as secure as possible, organizations should implement processes and best practices including multi-factor identification, encryption, hardening connections, security awareness training, and ensuring operating systems and software are up to date. Additionally, companies should:

• Implement a finance and accounting system that automates procedures and enforces protocols that only allow individuals with authorization to access, review, and approve payments.
•  Create a segregation of duties by dispersing business functions to more than one person or department. For example, assign different employees to set up and approve new vendors, payment of bills, writing checks and initiating electronic payments, new hires, changes in pay rates, payroll processing, and reconciliation of bank and credit card accounts.
• Ensure your finance and accounting system provides timely and accurate information, and closely monitor your financial data for unexpected expenditures.

At Rose Financial Solutions (ROSE®), we take an integrated approach to securing our clients’ data. With control structures in place, our technology platform, Easby®, decreases risks by enforcing protocols allowing only those authorized to access, review, and approve payments. Additionally, Easby integrates self-authentication and provides enterprise-level security, including external connectivity security, physical assets security, network and system access protection, and data access protection. Please schedule an introductory meeting below for more information on cybersecurity policies and procedures.

This content is for information purposes only and should not be considered legal, accounting, or tax advice or a substitute for obtaining such advice specific to your business.