The Cybersecurity Law Report

Incisive intelligence on cybersecurity law and regulation

Articles By Topic

By Topic: Chief Financial Officer

  • From Vol. 1 No.10 (Aug. 12, 2015)

    Can an Employee Be Liable for Inadvertently Providing Security Details to a Fraudulent Caller?

    An investment management firm’s CFO allowed a fraudulent caller to obtain security details leading to the illegitimate transfer of nearly $1.16 million from the firm’s accounts and is liable for the damages, a new claim filed in the U.K. High Court of Justice alleges.  The firm says that its CFO acted negligently and in breach of his contractual, tortious and fiduciary duties in failing to protect assets in corporate bank accounts.  The CFO – who believed he was providing security details to a member of the anti-fraud team of the firm’s’ private bank – denies these allegations, asserting that he was acting honestly, in what he reasonably and genuinely believed to be the best interests of his employer.  We examine the claim, the defense, and six issues the case raises relating to cybersecurity and employees.  See also “Analyzing and Mitigating Cybersecurity Threats to Investment Managers (Part One of Two),” The Cybersecurity Law Report, Vol. 1, No. 3 (May 6, 2015); Part Two of Two, Vol. 1, No. 4 (May 20, 2015).

    Read Full Article …
  • From Vol. 1 No.10 (Aug. 12, 2015)

    Surveys Find Internal and Third-Party Cybersecurity Risks Among Top Executive Concerns

    Corporate executives, even those with great defense resources, consider cybersecurity one of the most worrisome issues they confront.  In this article, experts from Deloitte, Protiviti and the Santa Fe Group dissect the results of two recent studies.  Greg Dickinson, a director at Deloitte who leads the quarterly survey “CFO Signals: What North America’s top finance executives are thinking – and doing,” explained how and why many CFOs are feeling unprepared for cybersecurity threats.  In addition, while discussing the “2015 Vendor Risk Management Benchmark Study: The Shared Assessments Program and Protiviti Examine the Maturity of Vendor Risk Management” Rocco Grillo, cybersecurity managing director at Protiviti, and Gary Roboff, senior advisor to the Santa Fe Group and manager of its Shared Assessments Program, explain how the finance industry outperforms others in third-party risk management and stress the importance of risk committees and data mapping.  See also “Ponemon Study Finds Increasing Data Breach Costs and Analyzes Causes,” The Cybersecurity Law Report, Vol. 1, No. 5 (Jun. 3, 2015).

    Read Full Article …