Home » Fraud Prevention » ID Systems & Services in Fraud Prevention

Tackling the cybersecurity threat in treasury

October is National Cybersecurity Awareness Month in the US and it's an opportunity to refresh ideas on the importance of online security and awareness in the corporate treasury department.

As Deutsche Bank's Michael Spiegel notes in this article, treasuries are an attractive target for hackers because those that find the weak security spot in corporate systems are then able to “move large amounts of cash fast – as well as tap into rich repositories of valuable and sensitive client data”. Spiegel cites a 2017 Deutsche Bank study in collaboration with the Economist Intelligence Unit (EIU) that found that corporate treasurers are not paying enough attention to cyber risks from third parties and employee mistakes. Not tackling third-party risks leaves companies open to cyber breaches through the back door, from a supplier or subcontractor with less rigorous identity authentication or data security requirements.

Supplier risk

The 2017 EIU white paper also found that

  • 19 per cent of companies do not check whether their suppliers use the same methods for authenticating identities as they do, leaving an open door for fraud;
  • 18 per cent of treasurers say that only a minority of their clients and suppliers follow the same, or similar, regulatory and compliance rules to them;
  • 14 per cent of firms do not insist that the information-security requirements they apply to their third parties must also be extended to subcontractors;
  • 92 per cent of companies perform internal penetration testing, but a third do not currently conduct it externally, leaving a concerning gap ripe for exploitation; and
  • only 38 per cent of companies require all of their third parties and suppliers to perform penetration testing.

How treasurers can tackle cyber risk

The risk of a data breach is high but there is a lot of information out there on how corporate treasuries can ensure they have as much protection as possible. Here are some points of reference, with suggestions on how financial professionals should tackle the cyber threat within their organisation:


This item appears in the following sections:
Fraud Prevention
ID Systems & Services in Fraud Prevention
Minimizing Fraud Procedures
Minimizing Payment Fraud

Also see

Comments

No comment yet, why not be the first?

Add a comment