By Rachel Burger May 6, 2025

According to 2025 research by Protiviti, cybersecurity risks are the second-highest risks executives face, just behind economic conditions. A Forbes article on the study especially noted why chief financial officers (CFOs) are concerned about cybersecurity:
“Cyber threats represent the second-ranked near-term risk for CFOs, as well as for board members and C-suite leaders… CFOs in public companies are especially focused on cybersecurity due to cyber disclosure requirements in the United States and other countries. Cyber threats also correlate with escalated geopolitical risks. And cyber threats, once realized in the form of cyber incidents, can be extremely expensive.”
Cybersecurity is thus clearly top-of-mind for industry-leading CFOs.
But what exactly are they nervous about?
A lot — and with good reason. Here are just some potential impacts of a cyber incident that fuel CFO cybersecurity concerns:
- Financial Losses: Cyber incidents can lead to significant financial losses due to both direct costs (e.g., remediation, legal fees, and potential ransom payments) and indirect costs (e.g., lost revenue and business interruptions).
- Reputational Damage: A cyber breach can severely damage an organization's reputation, leading to loss of customer trust and investor confidence. Even worse, this consequence can negatively impact the organization's long-term market position and brand value.
- Regulatory Penalties: Non-compliance with cybersecurity regulations can result in hefty fines and legal penalties. Not to mention, cyber incidents often trigger regulatory scrutiny, which can further increase costs and complicate recovery efforts.
- Operational Disruption: Cyber incidents can disrupt business operations, causing downtime and lost productivity. Since disruptions can hurt the ability to deliver products and services, organizations can face further financial losses and customer dissatisfaction.
- Loss of Sensitive Data: Breaches can result in the loss or theft of sensitive data, including customer information, intellectual property, and financial records. While the loss of data can lead to further financial and reputational damage, organizations also face potential legal liabilities.
- Increased Security Costs: Following a cyber incident, organizations often must invest heavily in improving their cybersecurity measures to prevent future breaches. The increased costs can stem from adopting new technologies, implementing training programs, and hiring additional security personnel.
Below, we’ve compiled five common CFO cybersecurity concerns and what to do about them.
1. Insider Threats
“Insider threats” refer to security risks originating from individuals within an organization who have authorized access to systems, data, or networks. Whether intentional (e.g., malicious actions by disgruntled employees) or unintentional (e.g., accidental data leaks due to negligence), insider threats are serious concerns.
Here are five key takeaways for CFOs looking to mitigate insider threats:
- Implement Robust Access Controls: Restrict access to sensitive information based on the principle of least privilege. Regularly review and update permissions to ensure they align with current roles and responsibilities.
- Conduct Regular Training and Awareness Programs: Educate employees about the risks of insider threats and the importance of cybersecurity. Implement regular training sessions to help employees recognize and avoid risky behaviors.
- Monitor and Audit User Activity: Continuously monitor and audit user activities to detect unusual or suspicious behavior. Utilize advanced analytics and machine learning tools to identify potential threats.
- Develop a Comprehensive Response Plan: Create and regularly update an incident response plan that includes steps for identifying, containing, and mitigating insider threats. Ensure the plan is tested and well-communicated.
- Foster a Positive Work Environment: Encourage a culture of transparency and trust within the organization. Promptly address employee grievances to reduce the likelihood of malicious insider actions.
2. Supply Chain Attacks
Supply chain attacks are cyberattacks that target vulnerabilities within an organization's supply chain, often focusing on its less secure elements (e.g., third-party vendors, suppliers, software components). These attacks can involve injecting malicious code into software updates, compromising hardware components, or exploiting weaknesses in the security practices of suppliers.
CFOs can take several proactive measures to mitigate supply chain attacks and protect organizations. Here are five key strategies:
- Diversify Suppliers: Avoid relying on a single supplier or region, which increases vulnerability. Work with procurement teams to identify and engage multiple suppliers across different regions to reduce risk.
- Conduct Regular Security Assessments: Perform thorough security assessments of all suppliers and third-party vendors. Ensure they adhere to stringent cybersecurity standards and practices.
- Implement Advanced Monitoring Tools: Utilize technologies such as honeytokens and advanced analytics to continuously monitor the supply chain for suspicious activities. Watch for early warnings of potential breaches.
- Enhance Communication and Collaboration: Foster strong communication and collaboration with suppliers to ensure they are aware of cybersecurity expectations and protocols. Regularly share insights and updates to stay ahead of potential threats.
- Develop a Comprehensive Incident Response Plan: Create and regularly update an incident response plan that includes steps for identifying, containing, and mitigating supply chain attacks. Ensure the plan is tested and well-communicated.
By implementing these strategies, CFOs can significantly reduce the risk of supply chain attacks and enhance overall organizational security.
3. Malware
Short for "malicious software," malware refers to any software intentionally designed to cause disruption, leak information, or gain unauthorized access to computers or networks. Common types of malware include viruses, worms, Trojan horses, spyware, and adware. Malware can steal, encrypt, or delete data; alter or hijack core computer functions; and spy on computer activity without the user's knowledge.
Here are five distinct strategies CFOs can use to mitigate malware:
- Implement Network Segmentation: Divide the network into smaller, isolated segments to limit the spread of malware, which helps contain infections and prevents them from affecting the entire network.
- Regularly Patch and Update Systems: Ensure all software and systems are regularly updated with the latest security patches, which reduces vulnerabilities that malware can exploit.
- Deploy Intrusion Detection Systems (IDS): Use IDS to monitor network traffic for suspicious activities and potential malware intrusions, ensuring organizations get early warnings and can respond quickly.
- Utilize Threat Intelligence: Leverage threat intelligence services to stay informed about emerging malware threats and trends, which allows for proactively adjusting security measures based on the latest information.
- Conduct Penetration Testing: Regularly perform penetration testing to identify and address security weaknesses before they can be exploited by malware, which helps strengthen the organization’s overall security posture.
By implementing these strategies, CFOs can significantly reduce the risk of malware attacks and enhance overall organizational security.
4. Ransomware
Ransomware is a type of malware that encrypts or locks a victim's data or device, demanding a ransom payment to unlock or decrypt it. There are two main types of ransomware:
- Encrypting Ransomware: This type encrypts the victim's data, making it inaccessible until a ransom is paid to obtain the decryption key.
- Non-Encrypting Ransomware: This type locks the victim's device, typically blocking access to the operating system and displaying a ransom demand.
Ransomware attacks can be highly disruptive and costly, often involving double-extortion tactics where attackers threaten to leak stolen data if the ransom is not paid.
To mitigate ransomware attacks and protect their organizations, CFOs can take several proactive measures. Here are five key strategies:
- Implement Robust Backup Solutions: Regularly back up critical data and ensure backups are stored securely and offline, so that data can be restored quickly without paying the ransom.
- Conduct Regular Training and Awareness Programs: Educate employees about the risks of ransomware and the importance of cybersecurity. Regular training sessions can help employees recognize and avoid phishing attempts and other attack vectors.
- Enhance Endpoint Security: Invest in advanced endpoint security solutions that can detect and block ransomware before it infiltrates the network. All devices should be equipped with up-to-date antivirus and anti-malware software.
- Develop a Comprehensive Incident Response Plan: Create and regularly update an incident response plan that includes steps for identifying, containing, and mitigating ransomware attacks. Ensure the plan is tested and well-communicated.
- Implement Multi-Layered Security Measures: Use a combination of firewalls, intrusion detection systems, and encryption to create a robust defense against ransomware. Regularly audit and update these measures to address evolving threats.
5. Deepfakes
A deepfake is a type of synthetic media where images, videos, or audio recordings are manipulated using artificial intelligence (AI) to make them appear real. By convincingly altering someone's face, voice, or actions, this technology can make it look like someone said or did something they never actually did. Deepfakes of finance executives and chief executive officers (CEOs) are becoming more commonplace and more dangerous.
CFOs can take several proactive steps to mitigate and deter deepfake attacks:
- Enhance Authentication Methods:
  - Multi-Factor Authentication (MFA): Implement MFA to require multiple forms of verification, making unauthorized access harder.
  - Advanced Biometric Systems: Use liveness detection technologies that analyze subtle human behaviors (e.g., eye movements, micro-expressions) to differentiate between real users and synthetic impersonations.
- Invest in Detection Technologies:
  - AI-Powered Detection Models: Utilize robust AI-powered models to analyze audio, video, and images for signs of manipulation, and continuously update the models to keep pace with evolving deepfake capabilities.
- Limit Public Exposure:
  - Social Media Caution: Be cautious about posting personal material on social media, as the content can be used to create deepfakes.
  - Controlled Access: Minimize the number of publicly available informal photos and carefully guard who can see personal social media content.
- Educate and Train Employees:
  - Awareness Programs: Conduct regular training sessions to educate employees about the risks and signs of deepfake attacks.
  - Verification Processes: Implement strict verification processes for sensitive transactions and communications.
- Monitor External Threats:
  - Social Media Monitoring: Monitor social media and other public channels for unauthorized use of the organization’s name, logo, or executive identities.
  - Third-Party Partnerships: Strengthen operational resilience by addressing vulnerabilities across supply chains and third-party partnerships.
By adopting these strategies, CFOs can significantly reduce the risk of deepfake attacks and protect organizations from potential financial and reputational damage.
More Cybersecurity Issues for CFOs?
In 2025, addressing CFO cybersecurity concerns is a critical priority as the landscape of cyber threats continues to evolve and become more sophisticated. The financial, reputational, and operational impacts of cyber incidents can be devastating, so CFOs must stay vigilant and proactive. By focusing on key areas such as insider threats, supply chain attacks, malware, ransomware, and deepfakes, CFOs can implement robust strategies to protect organizations.
Investing in advanced technologies, enhancing authentication methods, conducting regular training, and fostering strong communication with suppliers and employees are vital steps in mitigating these risks. As cyber threats correlate with geopolitical risks and regulatory requirements, CFOs must also ensure compliance and resilience across their operations.
Ultimately, a comprehensive and dynamic approach to cybersecurity enables CFOs to safeguard their organizations against ever-present and evolving cyber threats, ensuring long-term stability and success.
What else are CFOs concerned about in 2025? Check out our latest eBook, “A CFO's Guide to Global Uncertainty.”