I'm a CFO and I've Been Hacked: With Cybercrime on the Rise IMA and ACCA Ask Does Your Finance Function Have a Plan to Fail?

Anjelica Sena
Stern Strategy Group
(on behalf of IMA)
(908) 325-3873

Jeff Simmons
Anat Gerstein, Inc.
(on behalf of ACCA)
(917) 673-0024

New York and Montvale, N.J., February 23, 2016
 – Cybersecurity is growing too dangerous and powerful to ignore and a head-in-the-sand attitude to this once nascent, now pervasive threat is no longer an option, according to a new study by and IMA® (Institute of Management Accountants) and ACCA (Association of Chartered Certified Accountants).The report can be viewed in full online here or at www.futuretoday.com.

The joint study, “Cybersecurity – Fighting Crime’s Enfant Terrible,” is an assessment of the cyber-threat landscape across the globe, tracks current and future cybersecurity trends and highlights particular areas that are likely to have a direct impact on the future of the accountancy profession.
“Exploitation of the myriad weaknesses within Cybersecurity is now being perpetrated by a rogues gallery of hostile nation states, digitally enabled terrorists, conniving competitors, organized crime syndicates, hacktivists and even the odd disgruntled employee,” said Faye Chua, ACCA’s Head of Business Insights.

“From health records to credit cards, individual pieces of confidential data are fetching up to $45 per unit on the black market. With databases holding millions of records now commonplace the consequences of a breach have become too serious to ignore.”
Added Raef Lawson, Ph.D., CMA, CPA, Vice President of Research and Policy at IMA: “When establishing a plan it is important to be realistic about the resources at your disposal so you can deploy them appropriately. To be effective, implement a ‘layered’ approach to cyber security that establishes priorities for your most valuable digital resources.”

Amid escalating cybercrime episodes across the globe, the criminal enterprise is presenting a number of threats for the finance profession – and the theft of financial assets through cyber-intrusions is the second largest source of direct loss from cybercrime, according to one study noted in the report.

Accountants and finance professionals can, and should, play a leading role in defining key areas of a strategic approach to mitigating cybercrime risks. These include:

•    Creating reasonable estimates of financial impact that different types of cybersecurity breaches will cause, so that a business can be realistic about its ability to respond to an attack and/or recover from it;
•    Defining risk management strategy;
•    Helping businesses to establish priorities for their most valuable digital resources, in order to implement a “layered” approach to cybersecurity; and, 
•    Closely following the work of government and various regulators, in order to have clear, up-to-date information on adequate legislation and on requirements for adequate disclosure and prompt investigation of cybersecurity breaches.

“Predicting the potential implications of a breach is crucial to enabling a swift recovery should the unthinkable occur. Putting a ‘plan for failure’ in place might feel like an admission of weakness, but it is the best way to accelerate the process of repair after an incident,” Chua said. “Professional accountants possess both industry knowledge and a strategic understanding of the overarching strategy of the organization. In addition, they boast a well-deserved reputation for being fiercely analytical of potential risks to the safety of their clients and employers.”
Ultimately, said Lawson, it is up to finance professionals to keep a watchful eye when it comes to cybercrime. “Above all, professional accountants tend to be cautious in dealing with innovations that have a potential to put safety at risk. These traits make them perfectly placed to hold vigil over potential threats to the cybersecurity of the organization,” he said.

A 2015 survey by IMA and ACCA found that accountants and other finance professionals clearly understand the importance of the issue: 85% of respondents said that management at their respective companies was concerned about cybercrime risks.

About ACCA
ACCA (the Association of Chartered Certified Accountants) is the global body for professional accountants. We aim to offer business-relevant, first-choice qualifications to people of application, ability and ambition around the world who seek a rewarding career in accountancy, finance and management. We support our 178,000 members and 455,000 students in 181 countries, helping them to develop successful careers in accounting and business, with the skills required by employers. We work through a network of 92 offices and centres and more than 7,110 Approved Employers worldwide, who provide high standards of employee learning and development. Through our public interest remit, we promote appropriate regulation of accounting and conduct relevant research to ensure accountancy continues to grow in reputation and influence. www.accaglobal.com

About IMA® (Institute of Management Accountants)

IMA®, the association of accountants and financial professionals in business, is one of the largest and most respected associations focused exclusively on advancing the management accounting profession. Globally, IMA supports the profession through research, the CMA® (Certified Management Accountant) program, continuing education, networking and advocacy of the highest ethical business practices. IMA has a global network of more than 80,000 members in 140 countries and 300 professional and student chapters. Headquartered in Montvale, N.J., USA, IMA provides localized services through its four global regions: The Americas, Asia/Pacific, Europe, and Middle East/Africa. For more information about IMA, please visit www.imanet.org.

› Download PDF