A survey report by the Economist Intelligence Unit (EIU) into cybersecurity among corporate treasury departments found that, while most treasurers say their companies are implementing basic security measures, serious gaps in corporate defence remain. The report – Third-party risks: the cyber dimension – which is sponsored by Deutsche Bank, underlines that corporate treasury is a top target for cyber-criminals and that the majority of treasury departments have moved quickly to strengthen their online security by introducing rigorous testing to check for vulnerabilities.
The report highlights the following key findings:
- 19 per cent of companies do not check whether their suppliers use the same methods for identity authentication as they do. This leaves an open door for fraud.
- According to 18 per cent of companies surveyed, only a minority of clients and suppliers follow the same or similar regulatory and compliance rules as they do.
- Because 14 per cent of companies do not insist that information security requirements which currently apply to third parties also be extended to their subcontractors, they are giving cyber-criminals the opportunity to steal data.
- Internal penetration testing is performed by 92 per cent of companies. However, 33 per cent do not conduct external testing, leaving a worrisome gap that can be exploited.
- Only 38 per cent of companies require all of their third parties and suppliers to perform penetration testing. This may be risky, given the increasing number of data and other network security breaches that have been reported.
The research was conducted between April and July last year and 300 senior corporate treasury executives were surveyed.
The report also looks at what treasurers can do to ensure that a weakness or mistake in the department isn't the cause of the next damaging security breach for their company. It identifies five sets of people and processes that interact with treasury and could pose security weaknesses, as well as suggesting some ways to improve cybersecurity in treasury processes. For more detail read the report here: Third-party risks: the cyber dimension
- This item appears in the following sections:
- Bank Relationship Management & KYC
- Best Practices & Benchmarking in Operations
- Risk Management
- ERM - Enterprise Risk Management
- ID Systems & Services in Fraud Prevention
- Minimizing Fraud Procedures
- Minimizing Payment Fraud
- Global Cash & Liquidity Management
Greater collaboration needed to tackle growing cyber threat
Greater organisational collaboration in the financial services sector and working alongside law enforcement and government agencies are central to beating cyber criminals
Top 10 cybersecurity vulnerabilities and exploits threatening corporate systems
What digital threats do companies face today? Ignoring new software security patches, unsupported systems and a lack of strong permission and user access controls are all part of the problem
Five steps to improve your company’s resilience to cyberattacks
Companies are getting better at preventing cyberattacks on their data and IT systems, with 87 per cent of attacks now being blocked, compared to 70 per cent in 2017