Controller’s Role in a Company Data Breach

One of the great lines that defines the roles of finance is this: If something impacts the bottom line, it’s your responsibility, and everything impacts the bottom line.

As a finance professional, you may have entered into this role when you had a reasonably well-defined scope or you may have jumped aboard when finance was expected to have a hand in nearly every decision, but the fact remains true—you’re probably going to have to answer for “it.” That said, “it” could mean ‘taking a bigger role in the HR department.’ “It” could mean ‘facilitating a technology purchase without the input of IT.’

“It” could also mean ‘taking steps to mitigate financial losses in the result of a data breach.’ In fact, cybersecurity and data breaches are an increasingly large portion of the risk management spectrum, and as finance continues to take on more responsibility for risk, this is an important extension of your job.

2020 Will Likely Be the Worst Year for Breaches

2020 is likely going to be a banner year for criminals. A certain pandemic has pushed us all into a remote work environment, adding touchpoints and areas to access that never existed before.

Here are just some of the reasons that the pandemic has created new cybersecurity risks, according to AccountingWEB.

Reduced firewall effectiveness: Home firewalls and wifi routers may not be properly configured to protect your devices from being seen on the Internet.
Bring Your Own Device (BYOD) programs are even more prevalent: In a work from home environment, it’s likely that every device is BYOD. Even with a hosted desktop, keyloggers could still be used to capture passwords or account numbers from keystrokes made on the personal device.
New Vectors: How many people take the time to secure their home printers? How many family members are using the network? Your IT department can work tirelessly to vet any device that enters the network at an office, but probably isn’t the case at home.
Cross-network infiltration via VPNs: Because VPNs create a “tunnel” between your home network and your office network, malware on the home network may be able to travel over to your corporate network.
More Reliance on Email Means More Opportunities to Phish: There has been a notable increase in phishing attacks, particularly featuring COVID-19 information. Be sure that you have enacted advanced email scanning, employee awareness, and phishing testing programs to reduce your risk of being a victim of these attacks.

Signs a Breach Has Occurred

With more attack vectors, how can you tell that a breach has occurred? The following is a partial list of events that may indicate a breach:

Your passwords suddenly stop working
Suspicious programs show up when you run Control Panel > Programs and Features
Your virus protection software has been deleted or disabled
When browsing, you start seeing many unusual browser pop-ups, URLs you enter are redirected to different webpages, or your Home URL is automatically changed to one for another website
You are suddenly missing files
You experience constant or regular crashes because the system has become unstable
Applications suddenly will not run or are missing
Your computer is running terribly slow, and even though you have a lot of memory and disk space, it keeps churning away for no apparent reason
You get locked out of your PC altogether because it says your password is invalid
You may get the blue screen of death, meaning the computer will not boot up at all

Responding and Reacting

Understandably, this has put new risk on your firm, and while your IT team has worked hard to stop anything terrible from happening, it’s vital to know what to do when the nightmare scenario comes about. Breaches can happen to any company ranging from the small nonprofit to the publicly traded company, and the loss in consumer trust can derail either.

First Response: Start Your Internal Processes

While the ideal situation here is to consult an incident response plan—a system of actions and templates that you should rely on in the event of a data breach—this may not be the case. According to Intuit, here are the first steps you should take if you notice something is amiss:

Your first response to a security breach should include taking all the computers offline and notifying the proper people to deal with the breach, whether it’s your in-house IT team or the outside IT firm in charge of your computer security.
You should also notify your human resources and customer relations teams immediately. It’s important to find out the exact nature of the breach, discover the extent of the damage, and determine who’s responsible for the breach as quickly as possible.

Plan for the Fallout

After you can be certain that an incident has taken place and that you’ve taken actions to stop it, now is the time to settle in and start the external communications process. Working with your customer service team, PR team, and IT department, begin to take steps to discuss how you’re going to rebuild customer trust. Here are just a few things you may need to do:

Prepare for the Public Relations Fallout: Even if your company isn’t in the public eye on a worldwide or even nationwide scale, you may still have to deal with public relations issues related to the security breach. Have a point person ready to answer questions from the press both small and large.
Inform Your Customers: If the breach results in compromised customer data, it’s imperative that you tell them about the situation before they hear it from someone else. By acting quickly and exercising honesty, you may hold onto your clients and protect your brand image.
Reiterate Your Commitment to Prevention: From here, you need to start looking forward and discuss how you will stop future incidents from taking place.

One Part of a Larger Risk Management Initiative

As the person who is responsible for mitigating risks, your ability to react to a data breach is probably something you weren’t assuming when you took on the role of controller. But no matter how you look at it, it pays to be prepared. If you’re looking to stay up to date on all the latest topics impacting the controller, we invite you to join the Controllers Council.