Why investing in cybersecurity just became a 'must-have' for CFOs

Good morning. As the U.S.–Iran conflict continues, banks and corporations face heightened risk of Iranian or proxy cyberattacks—not only on their systems but also on the vendors and service providers that support finance operations.

For CFOs, this is no longer a back-office IT issue; it’s a balance sheet, liquidity, and disclosure risk.

“We’re in the midst of annual planning cycles and insurance renewals, which makes this the critical window for CFOs to reassess vendor cyber resilience and coverage adequacy,” Joy Mbanugo, CFO of CXApp Inc., a workplace experience and employee engagement platform, told me. “Investing in cybersecurity is no longer a nice-to-have; it’s a must-have, right alongside AI investment, given the geopolitical landscape we’re operating in today.”

CXApp is treating vendor cyber risk as a material enterprise risk, integrating resilience assessments into its framework, updating incident playbooks, and aligning insurance coverage with vendor exposure, according to Mbanugo. “It’s essential to safeguard sensitive data and maintain stakeholder trust, which means moving from reactive incident response to proactive risk quantification with the same rigor we apply to any material balance sheet risk,” she said.

Why investing in cybersecurity just became a 'must-have' for CFOs | Fortune

Other newsrooms on this story

Related reading

Cybersecurity professionals under pressure turn to AI amid rising threats |…

CFOs chart a course for crypto in corporate finance

Companies are now on the front lines of war. They need to act like it | Fortune

For CEOs, it’s time for a wartime mindset | Fortune

Every Fortune 500 CEO's nightmare: the Iran War and the Pandora's Box of AI…

The lead U.S. cyber agency is stretched thin as Iran hacking threat escalates