Connect with us


The new cybersecurity responsibilities of finance teams in the current crisis

The new cybersecurity responsibilities of finance teams in the current crisis 1

By Nathan Howe, Director of Transformation Strategy at Zscaler

COVID-19 has changed what we think of as the “office space” forever. As the pandemic hit across the globe, companies were forced to rapidly relocate staff to home offices, relying on existing network infrastructure to switch to remote working.

Most workforces have indeed shown that they can still be productive when outside an office environment, and as the business case continues to become more apparent, and the option to return to the office becomes viable, enterprises are taking stock of where their money is best invested.

At a macro level, there has already been debate about whether investing in the home offices of workers is a more economic path than paying hefty permanent rental fees for large office spaces. This, of course, would come with its own complications: should businesses be paying for the fastest home broadband connection and secure routers for their workers? What happens if a security incident takes place within a worker’s home, rather than the office?

Reallocation of responsibilities

With new challenges ever arising, at the highest levels of organisations, there’s been a distinct reallocation of responsibility, especially when it comes to unprecedented actions to ensure business continuity and security of assets that are now outside of an office’s traditional four walls. And with the growing focus on working with shrinking resources, a large part has fallen on finance teams’ shoulders.

For many businesses, when the pandemic hit, they were unprepared for this scale of remote working. At best, most planned for no more than one-third of their staff to work from home on a temporary basis at any one time. In this unforeseen situation however, bottlenecks quickly developed as a result of a massive increase in data traffic. This flood of data pushed the traditional methods for remote access to corporate networks and applications to its limits.

These issues would typically land on the desk of the IT team or the CTO. However, the reality is that the scale of the issues affected business productivity and continuity across entire organisations, so became a blockade to essential cash flow for businesses, quickly becoming a matter for finance.

Sacrificing security for function

During the earliest period of lockdown, companies took a cost-effective approach to cybersecurity that was driven by the finance function. During the search to identify the factor holding companies back from high-performance remote working, sacrificing technical solutions such as firewalls or remote access VPNs used as perimeter-based security infrastructures and on devices, would increase productivity and shore up the bottom line but penalise the organisation’s security posture.

Companies had to choose between ensuring normal levels of productivity or providing secure remote access to the sheer number of different devices used in the workplace. But it’s not always possible for companies to insist on compliance with standardised security policies across all devices.

Unfortunately, over lockdown many essential security processes, such as SSL decryption, have been bypassed entirely by companies to make remote working easier. These are quick and dirty fixes to increase connectivity and productivity, without addressing the broader issues around improving network architecture to facilitate better remote working standards. In the long term, these “fixes” not only increase the risk to an individual business, but all businesses and end-users.

Navigating uncertain times ahead

With the full return to physical offices still an uncertain potential, the security posture for organisations need to be addressed for long term stability rather than short term gains. The bypassing of security in favour of business continuity was, for many organisations, a difficult but essential decision during the most tumultuous periods of lockdown. However, finance functions have hopefully learned from its time with its hands on the security wheel is that they need to invest in converting their emergency workarounds into practical approaches for the future. The new world of work requires an hybrid approach that combines connectivity, security, and performance – all without making sacrifices that could jeopardise data and people.

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate


Newsletters with Secrets & Analysis. Subscribe Now