At a recent meeting of AFP’s Treasury Advisory Group identified cybersecurity as on the their top concerns, and many companies have increased their cyberinsurance coverage significantly. Some treasurers of retail companies are predicting that because of the Target breach they will have to increase their insurance three-fold at least. But what can be done to minimise and prevent fraud?
Follow UK’s GCHQ mantra
The UK Government Communications Headquarters, which is the centre for Her Majesty's Government's Signal Intelligence (SIGINT) activities, knows a thing or two about cyber security (including how to break into other systems), so their guide published in 2012 is worth considering.
They conclude that “Basic information risk management can stop up to 80% of the cyber attacks seen today, allowing companies to concentrate on managing the impact of the other 20.” They then list their 10 steps to cybersecurity - see.
Follow UK’s ICAEW group advice
The UK’s ICAEW put together a working group of the great and the good in corporate finance including the Association of Corporate Treasurers, Cabinet Office, The Takeover Panel, etc. to examine this topic. Using the example of a corporate finance transaction to:
- raise awareness of the issues, threats and areas of vulnerability surrounding cybersecurity across the spectrum of corporate finance activity.
- provide those engaging in any form of corporate finance activity (such as corporate finance advisers and the companies undertaking the activity) with material and references for consideration that can help reduce the risk of security breaches associated with corporate finance activity.
- demonstrate that cyber-risk is another business risk to be considered across the spectrum of corporate finance activity, and managed like other business risks.
The report, available from here, contains some useful ideas and examples.
AFP recommends three measures to mitigate cyber risks:
- improve overall security systems
- work with law enforcement when breach is detected
- purchase cyberinsurance.
CTMfile take: Remember play it safe, don’t trust anyone, don’t trust any system, check and check again, and cyberinsure.
Like this item? Get our Weekly Update newsletter. Subscribe today