Cyber Security is 2015 Priority for US Treasury Departments

Treasury departments at large US companies rank IT security as their top priority for 2015 – ahead of such critical issues as cost management and regulatory/compliance challenges, reports Greenwich Associates.

These finding come from the results of the market intelligence and advisory services firm’s ‘2014 US Large Corporate Finance Study’, for which it interviewed chief financial officers (CFOs)or treasury department representatives at more than 500 large US companies.

The study results suggest that US companies are taking action to address security concerns and other IT issues with 63% of the participants saying their treasury departments will increase technology spending in the year ahead.

“Cyber threats pose a real risk to business profitability, which is why corporate treasurers have made IT security their top area of focus,” said Greenwich Associates consultant Marc Harrison.

As part of its research, the firm compiled a list of the most common IT vulnerabilities companies should be looking to address with these new investments:

  • Weak Authentication: Non-complex passwords without additional authentication factors are easily bypassed.
  • Unpatched Vulnerabilities: Hackers rely on known vulnerabilities in operating systems and other common software to gain entry and glean data.
  • Malware: Trojans and other forms of malware can exfiltrate data, be used to access financial accounts, or create ‘bots’.
  • Comprised Vendors: Vendors are targeted for their access to clients’ systems, either directly or through products they provide.
  • Social Engineering: Employees throughout the organisation are at risk, as hackers utilise seemingly legitimate communications.
  • Web Injection: Public-facing websites are compromised and misused to glean customer data or to deliver malware.

“Within corporate treasury departments, there are specific steps companies should and must take in order to protect their own businesses and their customers’ data,” said Al Pascual, senior analyst of security, risk and fraud at Javelin Strategy & Research.


Related reading