Are Finance Departments Doing Enough to Protect Their Data?


It’s no secret that data has become the lifeblood of modern business. But do organisations realise just how valuable it is? And are they taking the necessary steps to protect this asset?

We recently undertook research across the UK, US, France, Germany, and Australia, and it showed that finance professionals working at large UK organisations recognise the value of data as being, on average, worth 31% of revenue.

As we surveyed those from organisations with revenues of £50 million or more, even looking at the lowest revenue, in real terms this data is valued at £15.5 million. In reality, it could be significantly higher.

Almost 1 in 5 (17%) of finance professionals in the UK, France, and Germany valued data even higher, at over half of their company’s revenue. In fact, 71% of finance professionals in the UK agreed that data should be listed on the balance sheet.

Relying on the IT department Isn’t Foolproof

There is no denying the value of data, and it’s clear that many businesses would struggle should they lose it. However, very few seem to be taking its security seriously enough, especially in the finance department.

Reliance on the IT department alone to mitigate against potential threats isn’t a foolproof solution.

Cybercriminals exploit vulnerabilities within organisations and these can often be due to human error. For example, a patch isn’t installed or a malicious link is clicked.

Everyone needs to be aware of the potential threats: how they can stay secure and also what to look out for so they don’t inadvertently let in a hacker.

Given the stakes involved should the worst happen, businesses need to get on top of data security. While 42% of respondents see the greatest cost of losing data as a reputational one, there are many other ‘costs’ to consider.

The impact on future business prospects is a significant one. Monetary costs are also a consideration, although it isn’t as high on the agenda as it possibly should be. Only 10% see facing potential compensation fees and fines as the most serious consequence of data loss.

With the General Data Protection Regulation (GDPR) coming into play in May of 2018 (Europe only) and set to increase maximum fines from £500,000 to £20m or 4% of global turnover, CFOs should perhaps be taking this more seriously. For businesses with a turnover of £50 million or more, that is a minimum fine of £2 million.

The Generational Gap

Younger respondents are potentially more concerned than their elders about the reputational implications of data loss, theft, or tampering. Fifty-eight percent of respondents between 25 and 34 perceive that the most serious cost would be the effect on future client relationships or the PR cost to lessen the blow to the company’s reputation. This is compared with 42% in the 45-54 age group.

As the research shows, there is still a long way to go when it comes to protecting one of business’ most important assets.

It is great that finance professionals realise the value of data, but everyone needs to take a more proactive approach to securing it. Relying solely on the IT department doesn’t always mitigate against the all too common human error of someone clicking on a malicious link.