Cyber on screen: watch the animation in a new screen and listen to Matthew Bowler, strategy and engagement manager, economic & cybercrime prevention centre, City of London Police, share some facts and tips on cybersecurity.


The nature of the cyber risk is ever evolving. As technology changes so the nature of the attacks you face become more sophisticated. However, the principles of management of the risk remain fairly constant. As a finance team you need to be alert to the risks and the sensitivities of the data that you hold.

Cyber risk management in finance

Finance teams own sensitive data. Be this financial data or details of customers and suppliers. Like any part of the organisation finance needs to be alert to the threats, have appropriate prevention and security procedures in place.  

Any cyber breach needs to be appropriately managed. Within increased focus by regulators and the media on the management of breaches organisations face potentially severe reputational damage which needs to be managed. Effective and rehearsed plans to deal with the impact and aftermath of a cyber-attack are an essential part of any risk management strategy.

Implementing cyber risk management

As a first step any organisation needs to understand the data that it holds and the relative sensitivity of it. Whilst there is a need to protect the organisation understanding your data gives you context. An individual needs to be charged with overall responsibility, however protecting the organisation is everybody’s responsibility. 

The activities that an organisation need to undertake fall into three categories:

  • Resilience - protecting the organisation, as far as possible, from the impact of an attack utilising policies and procedures
  • Recovery - the process of managing after an attack has occurred to recover to business as usual as soon as possible
  • Contingency - testing procedures that need to be activated once an attack has occurred and learning lessons from the simulations.

Organisations should not underestimate the recovery phase and the investment required to help you return to business as normal can be significant. With the sophistication of the attacks increasing so the recoverability process becomes a greater challenge. 

As our data flows become ever more complex so we need to rethink our resilience and recovery strategies to ensure that we have managed the risks inherent in our global networks and our supply chains. 


Consider using established guidance such as that in ISO27001 to provide the basis for a cyber-risk management strategy.

About ACCA lead author, Clive Webb