CFOs put cyber risks high on 2022 agenda


At rapidly expanding companies, chief financial officers (CFOs) need to stay laser-focused on managing growth on both sides of the ledger.
“When you’re growing fast like we are, you’re trying to grow your teams, your systems and everything almost as fast,” Invicti Security CFO Jeff Bray told PYMNTS. “Managing how head count’s rolling in, systems investments that people want to make and investments everywhere that people want to make is what consumes a lot of my time.”
Invicti Security provides security software that allows organizations to scan and secure all their web apps and application programming interfaces (APIs). Bray joined the company in January, bringing decades of experience.
Looking to Automate
Speaking as part of PYMNTS’ “Day in the Life of a Digital-First CFO” series, Bray said that with physical offices space in Malta, Turkey and the United States, and more than 3,500 customers around the world, Invicti has a lot of accounts payable (AP) and accounts receivable (AR) to manage.
Because the customer count has leapt from 1,000 a few years ago to where it is today, Invicti Security is looking to transform some of its processes. For example, the team is still manually sending email reminders to customers — and still getting checks from some of them.
“It’s an area where our processes work well, but they’re not automated,” Bray said.
Automation is on the to-do list, but the company is first upgrading its enterprise resource planning (ERP) system.
Helping Customers Manage Risk
In Invicti’s business, the company often finds that customers have more applications facing the internet than they think.
Using the company’s software, they often discover that in addition to the customer-facing apps they were thinking about, there are employee-facing ones or marketing ones that were meant to be active for only a limited time. As a result, they may have three times as many, or even 10 times as many potential vulnerabilities than they thought.
Beyond that, each time a website is updated, there’s a new potential for creating risk.
“It’s a risk-management issue,” Bray said. “So, you’ll never solve all the problems, but what you want to do is eliminate your greatest risk factors.”
Seeing a Changing Cybersecurity Landscape
Today’s security landscape is different from that of a few years ago in two ways, Bray said. First, the conflict between Russia and Ukraine is a cyberwar as well as a physical war, and the Russians will be looking for payback for years to come.
Second, cybersecurity has become a constant discussion at the board level of companies.
“If people are not having [that discussion] today, there are going to be regulations that are forcing them to have it,” Bray said. “So, when directors are asking CEOs questions about something, the budget tends to be a little more liberal.”
Providing Visibility, Backward and Forward
For CFOs of high-growth companies, too, it’s important to have visibility, both backward and forward.
That includes having a well-established, documented reporting process. For example, the team should know that if the books are closed on Day 10, the information should be disseminated to the CFO by Day 12, and the CFO will then share it with the stakeholders.
“As you become a bigger company, you have more people who care about the financial results, and so you need to have that established,” Bray said. “Then, on the go-forward basis, having a strong planning team with good data is critically important.”




Leave a reply

Please enter your comment!
Please enter your name here