Cybersecurity in the Cloud Era
Feb 26, 2018
On February 26, 2018, FEI Daily published an article on how as CFOs assume greater responsibilities for operational risk management, it’s critical to understand security, privacy, and compliance controls. Here’s the practical guidance needed to minimize cybersecurity risk with cloud vendors.
Cybersecurity is much more than securing access to applications and data, and proactively adapting to the ever-changing threat landscape. It’s also about enforcing strong controls for data integrity, protecting data from loss, and ensuring availability when the business needs it.
Finance leaders in the enterprise need to ask these questions not only about the applications they run internally, but also of their current and prospective cloud providers:
- What is our organization’s current exposure to cyber threats?
- How well are we prepared, and how well are our cloud providers prepared?
- What is our overall risk tolerance, and are our cloud providers aligned with this?
- Do we and our providers have processes in place to prevent, detect, contain, and respond?
- Are our providers investing to reduce risk of data loss or downtime?
- Do we and our providers have a thoroughly tested plan, so there is no delay in the event of an attack?
Review the full article on FEI Daily's website.
Related Topics
- AICPA Proposed Description Criteria for Management’s Description of an Entity’s Cybersecurity Risk Management Program [Completed]
- AICPA Proposed Revision of Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy [Completed]
- CIPFA: Exploring Accounting for the Cloud [Completed]