Gone are the days when chief financial officers (CFOs) were considered old-fashioned and tech illiterate.
According to Ofer Brown, general manager of Israel and APAC at cybersecurity firm nsKnox, the pandemic led to a rapid acceleration in the adoption of technology and has made today’s CFO more innovative.
“They used to be [focused on their own systems], … and worked with only one bank,” Brown told PYMNTS in an interview. “Today, they work with several banks globally and are much more receptive to hearing about innovation and new technologies.”
While embracing innovation clearly has its benefits, doing so is not without risk, Brown noted, with CFOs on the receiving end of an increasing number of fraud attacks.
Their roles in organizations have also expanded from baseline projects like cash management and treasury management to managing external-facing activities like vendor portals and customer portals. It’s a shift, he said, that has happened without the proper standards needed to automate and enable these increasingly sophisticated systems to work together seamlessly.
That lack of integration further opens the door to risks that organizations are already battling.
“Fraudsters love those cracks between systems,” he said.
That said, Brown was quick to point out that CFOs “are not blind” to these challenges, considering how prevalent fraud-related discussions are across industries.
“Cybersecurity was a domain once limited to cybersecurity conferences. But today, cybersecurity and risk are [widely] discussed in finance,” he said.
Finance professionals also have a growing awareness of compliance, particularly relating to sanctions on banks in Russia, he said, adding that this has led to an increase in requests from clients to validate and verify that funds are not being transferred into sanctioned bank accounts.
“Even banks find it hard to comply. And at the corporate level it’s much harder for them to connect to all the [sanctions accounts] lists out there,” he explained, pointing to how nsKnox comes in with its corporate cybersecurity expertise to help clients authenticate the identity of suppliers.
And because most attacks are linked to information sharing via emails and PDF documents, he said the firm has introduced a bank account certificate for its clients: “It’s an encrypted PDF with our technology embedded that you can share between two parties, and they can at any given time check that the account is correct and that you are the owner.”
Keeping Fraudsters at Bay
According to Brown, education is needed within and outside the organization to raise awareness, making it as easy as possible for different stakeholders to understand and adopt common safety practices.
This also involves sharing knowledge and providing external parties like suppliers and vendors with tools to process payments safely. Taking a few precautionary steps goes a long way in protecting organizations from falling victim to fraudsters’ attacks.
As he said, “the risk is not only in your domain. The risk is also having your supplier being hacked and [thus impacting your organization], or your customer is tricked into paying someone else instead of paying into your account.”
Banks, which are more secure and invest significant amounts of money into cybersecurity, have been less commonly at the receiving end of the attacks than corporates. But as attacks shift from social engineering to malware and fraudsters become much more sophisticated, corporations are required to catch up fast.
In fact, Brown said that CFOs, who are naturally strategic thinkers, are more aware than ever of the risks they face. As such, they are arming themselves with payment security solutions like those offered by nsKnox to fill in the cracks and keep cybercriminals at bay.
“Fraudsters will go to where it’s easier for them, if they know that you are using the best antivirus or the best validation services, they will go somewhere else,” he said.