While your journey is unique to your organization, most budget challenges and successes are repeated across industries, no matter how many budgets you manage. We’ll show you how probable loss events impact revenue and unbudgeted expenses. You can adjust resource allocation to ensure better planning, budgeting, and cash management.
If this is the year you will improve planning for growth and loss avoidance, you should read this article.
Demands for your time and attention far exceed Monday through Friday, 8:00am to 5:00pm. You are a senior executive, advisor, and leader within your organization. You remain stretched as you pull levers to improve financial performance to fuel growth.
Cost management, capital allocation, and IT infrastructure are priorities. Add to that helping your company address talent/labor shortages and enterprise risk management.
You likely focus on increasing margins, improving efficiencies, managing costs, and monitoring performance milestones to enhance financial performance. Pricing is a significant concern as inflation increases input costs.
Conflict Through Structure
It is common across industries that IT reports to the CFO. There are several reasons, and the most common answer is cost management. The majority of people in IT leadership are talented and take their position of responsibility seriously.
An employee has what the law calls a fiduciary duty toward their employer. Three of the employee’s specific fiduciary duties include:
- the duty to account for profits or render benefits of the undertaking to the employer
- the duty not to act as, or account of, an adverse party without the employer’s consent
- the duty to deal fairly with his employer in all transactions between them
Herein lies the conflict of the structure. Senior IT personnel submit funding requests to address organizational problems related to data security. These funding requests may include software, hardware, and consulting services. These investments are needed to secure critical workflows that support delivering products and services to your customers.
The Hidden Problem
We do not suggest that you blindly approve all funding requests. We ask that you consider the burden you place upon your team. They raised concerns about data security that will impact your ability to meet financial performance targets during business disruption events.
It requires humility for your senior IT member to ask for help. They realize they need assistance to uphold their fiduciary duties to you and the organization. They want to take the proper steps to support and protect the business, but they are often rejected and turned away.
May I be direct? When your senior IT person comes to you in a vulnerable moment to ask for help, have you replied with:
- That is why we pay you.
- Figure it out on your own.
- You give it a try, and we’ll see what happens.
- Let’s table that conversation for now.
Are these decisions based on future cash flows or expected benefits? This scenario is how cost containment turns into unbudgeted expenses, revenue declines, and reduced equity during extended recovery efforts.
“As the number of companies that are forced to pay ransoms to regain control of their networks and data increases, so does the number of hackers attracted to this type of lucrative threat,” McKinsey said in a 2022 report.
CFOs need to account for other costs of a ransomware attack. These variables include lost revenue, payments to law, public relations, negotiation firms, and opportunity costs as “executives and specialized teams turn away from their day-to-day roles for weeks or months to deal with an attack and its aftermath,” McKinsey stated.
According to estimates cited by Moody’s Investors Service, total ransomware payments doubled in 2021 compared with 2020.
Business interruption costs following a ransomware attack more than doubled over the past year, increasing from $761,106 to $1.85 million in 2021, with downtime averaging 23 days, according to an Allianz Global Corporate & Specialty report.
According to FitchRatings, “Entities are also experiencing diminishing coverage limits, forcing some entities to purchase multiple policies to achieve the desired level of coverage.”
Ransomware has dominated the cyber threat landscape in recent years: it ranks as the top cyber exposure of concern in this year’s Allianz Risk Barometer 2022 (57% of responses), just ahead of data breaches (also 57%).
If you renew your cyber policy, you are probably looking at steeper rates, higher deductibles, and even co-insurance than just a year or two ago. Transferring risk depends on finding a carrier to provide competitive terms for your insurability, assuming your adherence to more stringent data security.
You know of several companies that experienced business disruption caused by ransomware. The emphasis on generating more revenue and optimizing capital structures to finance growth strategies must include data security initiatives.
Laying out a clear roadmap that leads to business success includes the identification of pitfalls. We assist forward-looking executives and technical teams who will use shared knowledge and data to improve risk judgment calls, to be less wrong over time. We believe that capital and time are terrible things to waste.
In support of your collective fiduciary duties, we assist to:
- Build a business case for organizational buy-in
- Understand and align with the key stakeholders
- Build out a phased implementation plan
- Accelerate the timeline between investment and result
- Share the pitfalls to avoid
The First Step
As the executive sponsor, collaboration improves your understanding. As IT discloses concerns without fear of ridicule or finger-pointing, we collectively will map how probable loss events can impact revenue and unbudgeted expenses.
You can feel confident adjusting resource allocations to ensure better planning, budgeting, and cash management. When would you like to start? Click this link to schedule a time to talk about your needs.
Shared understanding is a force multiplier that allows for effectiveness through higher-value conversations, knowledge transfer, and actionable insights. Improved decision-making awaits as you focus on budget preparations. We look forward to collaborating with you.
As a proud supporter of American companies, Certitude Security® is working diligently to inform leaders and facilitate essential asset protection priorities for manufacturers and supply chains throughout the United States.
Problem discussions can be a defining moment in your career. If you are interested in value creation, learn about SPOT-Beam™ by Certitude Security®. We look forward to helping you and your business succeed!