BlackLine Home page BlackLine home page
Solutions
Solutions
Financial Close Management
Financial Close Management
Overview
Overview
Account Reconciliations
Account Reconciliations
Task Management
Task Management
Transaction Matching
Transaction Matching
Journal Entry
Journal Entry
Compliance
Compliance
Variance Analysis
Variance Analysis
Smart Close for SAP
Smart Close for SAP
Accounts Receivable Automation
Accounts Receivable Automation
Overview
Overview
Cash Application
Cash Application
Credit & Risk Management
Credit & Risk Management
Collections Management
Collections Management
Disputes & Deductions
Disputes & Deductions
Team & Task Management
Team & Task Management
AR Intelligence
AR Intelligence
Intercompany Financial Management
Intercompany Financial Management
Overview
Overview
Intercompany Non-Trade
Intercompany Non-Trade
Intercompany Balance & Resolve
Intercompany Balance & Resolve
Intercompany Net & Settle
Intercompany Net & Settle
By Organization Size
By Organization Size
Midsize Organizations
Midsize Organizations
Large Enterprises
Large Enterprises
By Industry
By Industry
Banking & Financial Services
Banking & Financial Services
Consumer Products & Services
Consumer Products & Services
Energy & Raw Materials
Energy & Raw Materials
Healthcare & Life Sciences
Healthcare & Life Sciences
Manufacturing
Manufacturing
Retail
Retail
Technology, Media & Communications
Technology, Media & Communications
See All Industries
By ERP
By ERP
SAP
SAP
Oracle
Oracle
Oracle NetSuite
Oracle NetSuite
Microsoft Dynamics
Microsoft Dynamics
See All ERPs
Customers
Customers
Customer Success
Success Stories
Success Stories
Collaborative Accounting Experience
Collaborative Accounting Experience
Modern Accounting Playbook
Modern Accounting Playbook
Training & Education
Training & Education
CUSTOMER SUPPORT
Global Support
Global Support
Developer Portal
Developer Portal
BlackLine Community
BlackLine Community
Resources
Resources
Events
Events
Upcoming Webinars
Upcoming Webinars
On-Demand Webinars
On-Demand Webinars
White Papers
White Papers
Blog
Blog
Accounting Glossary
Accounting Glossary
Global Support
Global Support
About
About
Company
Company
About BlackLine
About BlackLine
Leadership
Leadership
Diversity, Equity & Inclusion
Diversity, Equity & Inclusion
Environmental, Social & Governance
Environmental, Social & Governance
In the News
In the News
Press Releases
Press Releases
Investors
Investors
Awards & Recognition
Awards & Recognition
Careers
Careers
Partners
Partners
Consulting Alliances
Consulting Alliances
Solution Provider Partners
Solution Provider Partners
Software & Cloud Partners
Software & Cloud Partners
Business Process Outsourcers
Business Process Outsourcers

How to Minimize Cybersecurity Risk in the Cloud Era

image

This article originally appeared in FEI Daily and was updated on April 9, 2020.

Cybersecurity is top of mind for CFOs. Nearly two-thirds of CFOs in a recent study said they are now taking on responsibility for operational risk management and mitigation—and elements of cybersecurity are a big part of that.

The Ponemon Report found that the typical total cost of a breach was around $4.88 million, and the lifecycle of a data breach in 2019 was 279 days longer than the 2018 lifecycle of 266 days.

Putting aside damage to brand and reputations—which can be substantial—the impact on customer trust, and in turn acquisition and retention as well as market value, all add up.

Cybersecurity is much more than securing access to applications and data, and proactively adapting to the ever-changing threat landscape. It’s also about enforcing strong controls for data integrity, protecting data from loss, and ensuring availability when the business needs it.

Finance leaders in the enterprise need to ask these questions, not only about the applications they run internally, but also of their current and prospective cloud providers:

  1. What is our organization’s current exposure to cyber threats?

  2. How well are we prepared, and how well are our cloud providers prepared?

  3. What is our overall risk tolerance, and are our cloud providers aligned with this?

  4. Do we and our providers have processes in place to prevent, detect, contain, and respond?

  5. Are our providers investing to reduce risk of data loss or downtime?

  6. Do we and our providers have a thoroughly tested plan, so there is no delay in the event of an attack?

Cybersecurity & the Cloud

When cloud computing first entered mainstream technology over a decade ago, cybersecurity was often a top concern amongst CFOs and IT alike. Those concerns have waned over recent years, with around 80% of CFOs using the cloud in some form.

Cloud technology is now becoming the backbone of the new finance technology landscape.

The best-run cloud providers locate applications and data in physically secure, redundant, and geographically distributed data centers. They employ dedicated trained security personnel and adhere to strong policies, controls, and separation of duties as laid out by standards such as those outlined in SOC 2 and ISO 27001.

They encrypt data at rest and in transit using the latest technology, and ensure applications and infrastructure are always up to date. And they publish their availability and offer SLAs they can stand behind.

It’s a combination that’s often hard to cost-effectively achieve with in-house systems and personnel running on-premise systems.

Education & Diligence Required

The role of cybersecurity is increasingly falling to finance leaders, with enterprise-wide operational risk management being added to their growing list of roles and responsibilities.

As a result, education is needed more than ever, because it’s essential for finance executives to ask the right questions and feel comfortable getting into the detail about prospective cloud providers’ cybersecurity investments, policies, and procedures.

But with so many terms bandied around with compliance, it can be challenging to understand the meaning behind the acronyms, and ensure the certifications you’re asking for, or that your vendors are providing, give you the assurances you expect.

Read our latest CFO Playbook for the practical guidance you need to minimize cybersecurity risk with cloud vendors.