The Latitude Financial, Optus, and Medibank cyber attacks that impacted millions of Australians in the past 12 months have made it clear that bolstering cyber defences is a business imperative in 2023.
According to the Australian Competition and Consumer Commission, the business community saw a total loss of $23.2 million, a 73 percent increase from last year. However, this only accounts for some reporting data, meaning that the actual numbers are likely larger.
“Lowering the risk of these scam losses requires a multi-faceted approach,” says Mark Chazan, Chief Executive Officer of Eftsure, a B2B payment protection solution that safeguards over $180 billion annually. “One part of that approach should be strengthening internal controls and ensuring that digital fraud prevention is built into finance processes.”
To help businesses strengthen those controls, Eftsure has released a comprehensive guide for finance leaders.
The Financial Controls Guide walks through a collaborative, multi-functional approach for assessing, upgrading, and correcting an organisation’s financial processes. As owners of these processes, Chazan says that Chief Financial Officers (CFOs) are in the best position to drive stronger anti-fraud controls.
“To build a strong cyber defence, organisations need to evaluate their people, processes, and technology.”
The guide will help CFOs zero in on the “processes” part of that equation, an important step in what Chazan refers to as “collaborative cybersecurity.” A collaborative approach is critical, says Chazan, because organisations aren’t fighting a fair fight.
“Scammers only need to be successful once, whether that’s getting an employee to click on a malicious link or impersonating a trusted contact. Conversely, organisations need to be successful at stopping these attempts every time, or else they could face serious financial, legal, and reputational damage.”
This approach aligns with what is currently known about Australia’s new national cyber security strategy. Minister for Home Affairs and Minister for Cyber Security, Claire O’Neil, has emphasised a collaborative approach to both developing and implementing the 2023–2030 Australian Cyber Security Strategy, which will outline the government’s long-term vision for cybersecurity.
“It’s the step-change Australia needs to improve our national resilience to cyber threats and properly address the consequences of cyber incidents,” Minister O’Neil has said.
“We must work together to counter these threats, build partnerships, and set ourselves up for success. Everyone has skin in the game when it comes to Australia’s cybersecurity.”
From a business perspective, implementing an effective financial controls strategy is a step towards bolstering the organisation’s overall cyber security posture that will enable it to effectively protect sensitive company and customer data, keeping cybercriminals at bay while doing business as usual.