Cybersecurity Role Of CFO Versus CIO

There’s a recent arti­cle on the Cana­di­an-based Finan­cial Post enti­tled CFO role expands in the age of height­ened dig­i­tal secu­ri­ty. It’s a good, quick read.


In it, author Rebec­ca Wal­berg sum­maries the results of an IBM-Finan­cial Exec­u­tives Inter­na­tion­al Cana­da study of cyber secu­ri­ty and busi­ness con­ti­nu­ity. For exam­ple:

In the past two years, 54 per cent of com­pa­nies report­ed an IT fail­ure, 45 per cent suf­fered a data breach and 29 per cent lost data, the study with about 100 respon­dents from a range of sec­tors and indus­tries shows. How­ev­er, 86 per cent of respon­dents said cyber secu­ri­ty breach­es were “rare events.”

Is any­one sur­prised at those results?

The arti­cle also con­tains a well-rea­soned argu­ment for why CFOs should take up the chal­lenge of becom­ing more involved in Cyber­se­cu­ri­ty. For exam­ple, I like the way Jerold Zim­mer­man (Pro­fes­sor of Account­ing at the Uni­ver­si­ty of Rochester) dif­fer­en­ti­ates the roles of CFO and CIO with respect to dig­i­tal secu­ri­ty:

While net­work and data secu­ri­ty is tra­di­tion­al­ly the respon­si­bil­i­ty of chief infor­ma­tion offi­cers or IT depart­ments, the abil­i­ty to man­age the advan­tages and risks relat­ed to a firm’s infor­ma­tion is a cru­cial ele­ment of the CFO’s job.

Are CFOs tak­ing up the chal­lenge of becom­ing more involved in Cyber­se­cu­ri­ty? I’d enjoy learn­ing more from any of them. What are the great­est chal­lenges? Any strong wins? What do they need the most to suc­ceed?

Please note: I reserve the right to delete comments that are offensive or off-topic.