As technology transformations – for example a business unit built around AI or a new application focused on personalized customer experience – have gained momentum in recent years, so have cyber risks and data privacy issues.

But when organizations look internally for risk mitigation and compliance with data privacy laws, there’s a lack of people qualified to do so, according to a new report from ISACA, an IT governance trade association. . Technical privacy and legal/compliance teams are understaffed, corporate privacy budgets are underfunded, and there are skills gaps. The findings are based on a global survey of 1,890 data privacy professionals who hold roles in IT, audit, compliance and risk management, for example.

Failure to comply with privacy laws and regulations, like the European General Data Protection Regulation or even state laws, including the California Consumer Privacy Act (CCPA), is costly, Safia tells me. Kazi, ISACA Privacy Professional Practices Manager. CCPA implemented compliance updates on January 1, regarding employee and applicant notification of company privacy practices.

So it’s a matter that may fall under the purview of a CFO. “CFOs’ risk expertise is invaluable,” says Kazi. “This is especially true when it comes to shopping.” Not only can third parties cause a material breach of privacy, but selecting unqualified third parties can lead to a “devastating breach of privacy and a fine,” says Kazi. About a quarter of survey respondents said they always or frequently work with their organization’s finance department. But this percentage may need to increase.

“Security incidents and privacy incidents are not the same”

But lots of risk means lots of rewards, at least for VCs investing in this new generation of cybersecurity products. The global cybersecurity market is expected to reach $403 billion by 2027, as my colleague Lucy Brewster details in her new report: “Cybersecurity is hot. Here are the 13 best VCs you need to know. VCs she showcases include Chenxi Wang, who invested in SaaS (software as a service) cybersecurity platform Claroty, and Ariel Tseitlin, who invested in SaaS security platform AppOmni, products that could one day become the norm in a secure organization. .

Regarding having a designated data privacy program, the ISACA survey found that 42% of respondents said their privacy budgets were underfunded, and only 34% said their budgets were underfunded. privacy would increase in 2023. Meanwhile, 40% said the mandate was unclear, roles and responsibilities, and 39% cited a lack of management or business support.

“Ransomware was a big concern last year, and many organizations took steps to prepare for a ransomware attack,” says Kazi. “But it’s possible that they view security incidents and privacy incidents as one and the same thing, which they are not.” Investing heavily in security without also thinking about privacy is a big mistake – something as small as an inappropriate privacy notice to customers (which would not be addressed through security investments) can cost a million dollar business and damage its reputation.

She continues, “Board members of some organizations may not fully understand the difference between security and privacy and therefore may not prioritize privacy appropriately.

Cybersecurity and privacy are key, says Kazi. But points out a caveat: “You can’t have privacy without security, but you can have security without privacy.”

She added, “Digital trust is increasingly becoming a board and C-suite priority, and privacy is a key component of digital trust.”


*Quick note: Thank you to the CFOs who took the time to answer the question: What was the most important thing you did before landing your first CFO job? (For example, was it networking, P&L management, or something else?) What prepared you for a CFO position? There’s still time to share your experience and insights with the next generation of CFOs in an upcoming column. Email me!

Until tomorrow.

Sheryl Estrada
sheryl.estrada@fortune.com

Sign up here to receive Daily CFO weekday mornings in your inbox.

Big deal

According to a report by Technavio, a global technology research firm, the global corporate leadership training market size is expected to grow by $18.59 billion between 2021 and 2026 at a compound annual growth rate of 9.51 %. North America is expected to account for 41% of market growth over the forecast period. One of the key trends in the corporate leadership training market is the emergence of gamification in corporate training which is expected to positively impact the industry over the forecast period, according to the report.

Courtesy of Technavio

Go further

FICO (NYSE: FICO), an analytics software platform provider, has released its third annual “State of Responsible AI in Financial Services” report, developed in conjunction with market intelligence firm Corinium. Half of the 100 C-level AI leaders in the financial services industry surveyed said AI initiatives were a higher priority than 12 months ago. But 71% said their organizations had not implemented ethical and responsible AI in their core strategies. Only 8% of respondents say their AI strategies are fully mature with constantly scaling model development standards.

Ranking

Patrick Hallinan was appointed EVP and CFO at Stanley Black & Decker (NYSE: SWK), beginning April 6. Hallinan, who succeeds interim chief financial officer Corbin Walburger, will report to Donald Allan Jr., president and chief executive officer. Walburger will return to his former role as vice president of business development. Hallinan joins Stanley Black & Decker from Fortune Brands Innovations, a home, security and commercial building products company, where he served as senior vice president and chief financial officer. He had a 17-year career with the company, including various finance and technology leadership and general management positions across all lines of business. Prior to Fortune Brands, Hallinan worked at Booz Allen Hamilton as a director in the company’s automotive, aerospace and industrial goods practice.

david barry was appointed EVP and CFO at Fortune Brands Innovations, Inc. (NYSE: FBIN), beginning March 2. Barry will succeed Patrick Hallinan. Barry has served as Senior Vice President of Finance and Investor Relations at Fortune Brands since April 2021. Prior to that, he served as Chief Financial Officer and Senior Vice President of the company’s water segment. He joined the company in 2015 as Senior Director of Financial Planning and Analysis, Strategic Planning and Business Development and was promoted to Vice President of Finance in 2017. Prior to his time at Fortune Brands, Barry has held various senior financial positions with JM Huber Corporation.

Understood

“The latter stages of the bear market are always the trickiest, and we have been on high alert for such counterfeits. Suffice to say, we are not biting on this recent rally because our work and process is so compelling to the downside on earnings.

—Mike Wilson, chief investment officer of Morgan Stanley and chief U.S. equity strategist, wrote in a research note on Sunday. Although the S&P 500 has jumped more than 5% since the start of the year, Wilson believes that corporate earnings should still suffer, which would make the rise another rally in the bear market, Fortune reported.

This is the web version of Daily CFO, a newsletter about the trends and people shaping corporate finance. Sign up to receive it for free in your inbox.

Source link

Leave A Reply