Time for CFOs to ask critical IT investment questions

CFOs must take a more active role in the digital transformation of today's companies, says Charl Ueckermann, CEO at AVeS Cyber Security.

Johannesburg, 17 Apr 2019
Read time 3min 50sec

Chief financial officers (CFOs) need to take a more active role in the digital transformation of today's companies. With an increase in shadow IT, where departmental staff bring technologies on board without consulting the IT department, the CFO should be asking critical questions to guide smart technology investment decisions.

"CFOs are often more comfortable to let colleagues in IT, marketing or other functions drive digital capabilities independently, with the allocated IT spend in their departmental budgets. However, the cost and risk benefits of being actively involved in the collective digital transformation efforts of the organisation far outweigh the efforts. Finance owns and manages the business information that is critical for such initiatives. Once a CFO realises that financial data is a key asset in predicting risk and creating new business models, they can play a vital role in ensuring that investments are strategic, align with business objectives, and don't chew up the budget.

"Overspending on countless point solutions has become prevalent in organisations where IT decisions are made at department or user level, without input from the CFO. With controlled spend on strategic initiatives, IT budgets can be optimised to align with business objectives, reduce risk and drive productivity," says Charl Ueckermann, CEO at AVeS Cyber Security.

CFOs thrive on predictability, but need to think out of the box when it comes to IT spend. This means understanding the role of IT in supporting business goals and managing risks.

"Protecting data and networks, and implementing appropriate systems, should be considered as an investment rather than a cost. The next-generation CFO will focus on the short-term impact as well as the long-term impact of cyber security breaches, and allow budget for IT innovation. This type of forward-thinking CFO will think differently about how the organisation generates its value, how it can boost its profitability and measure its business model against a different set of performance indicators.

"The chief information officer (CIO) will determine where the opportunities and needs lie for delivering IT to the organisation, and working with the CFO to ensure that investments are prioritised appropriately within budget will ensure that IT projects consistently produce a high return on investment for the organisation.

"Often, through this collaboration, truths emerge that existing enterprise IT systems are not being adequately leveraged and departments deploy point solutions that only solve their unique business needs. As a result, departments and data are in silos, and budgets are being wasted. Many companies are also not maximising the features available in the current systems," says Ueckermann, citing the widespread adoption of Microsoft Office 365 as an example.

"Many companies have moved to Microsoft Office 365 due to the simplicity in managing and costs associated with software licensing. But, how many organisations know about and actually leverage the full stack of features built into the core Office 365 platform? Probably very few.

"Just by consuming all the features within the current IT environment, and by stopping the use of point solutions to address individual business problems, companies can reduce both cost and risk. However, it takes the cognisance of the CFO to objectively scrutinise where, how and why money is being spent."

On IT security and the protection of company data specifically, Ueckermann points out that the threat landscape is constantly changing, with about five new malware types discovered every second of the day, so it is no longer enough to carry on doing what has always been done; we need to protect organisations against future, yet unknown, threats. One way of addressing this growing business risk is restructuring budgets to allow for more spending on predictive IT security and less on reactive IT security systems. IT security is not an IT problem, it is a business imperative, and so is the organisation's need to become cyber resilient."

Ueckermann concludes: "Digital transformation is being prioritised to the top of the agenda within most large companies. CFOs should grab the critical-thinking reins and be involved in the strategic planning of IT investments and protecting data."

[1] https://www.kaspersky.com/about/press-releases/2017_kaspersky-lab-detects-360000-new-malicious-files-daily

AVeS Cyber Security

AVeS Cyber Security is a specialist IT governance and architectural services consultancy that combines expert knowledge and services with leading technology products to provide comprehensive information security and advanced IT infrastructure solutions. Over the past 21 years, AVeS Cyber Security has strategically honed its solutions and services to help southern African businesses future-proof their IT environments against the constantly evolving threat landscape, while achieving their digital transformation aspirations. The company offers a leading portfolio of professional services, products and training in security, infrastructure and governance solutions. In 2018, the company won eight awards from some of the world's top technology vendors, indicating competency, strength, innovation and robustness in an industry that is fast growing in complexity due to evolving challenges, such as ransomware, advanced targeted attacks and the Internet of things.

Editorial contacts
Echo Square PR Vickie Slabbert (082) 411 7602 vickie@echosquare.co.za
AVeS Cyber Security Chani Slabbert (+27) 11 475 2407 chani@aves.co.za