Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting and Financial Data in Year Ahead

February 8, 2023

3 Min Read


NEW YORK, Feb. 8, 2023 /PRNewswire/ -- Nearly half (48.8%) of C-suite and other executives expect the number and size of cyber events targeting their organizations' accounting and financial data to increase in the year ahead, according to a new Deloitte Center for Controllership poll. Yet just 20.3% of those polled say their organizations' accounting and finance teams work closely and consistently with their peers in cybersecurity.

During the past 12 months, 34.5% of polled executives report that their organizations' accounting and financial data was targeted by cyber adversaries. Within that group, 22% experienced at least one such cyber event and 12.5% experienced more than one.

"Accounting and financial data is the lifeblood of organizational operations — and often meant to be kept confidential outside of highly regulated public disclosures for publicly traded organizations," said Temano Shurland, a Deloitte Risk & Financial Advisory principal in finance transformation, Deloitte & Touche LLP. "While there may not have been much need for accounting, finance and cyber teams to work closely in the past, recent years have shown that's no longer the case. We strongly recommend that these teams try to 'learn each other's languages' and tighten their working relationships across silos."

Looking to the year ahead, 39.5% of respondents expect to increase the amount of collaboration between their finance and cyber teams. Currently, the majority (42.7%) of polled leaders say their organizations' finance and cyber teams only work together as needed with inconsistent closeness and consistency, while 11.1% do not work together at all.

"As cyber incidents increase in frequency, size and complexity, adversaries target nearly any data obtainable and by leveraging system vulnerabilities," said Daniel Soo, a Deloitte Risk & Financial Advisory principal in cyber and strategic risk, Deloitte & Touche LLP. "Implementing financial security operations — something you could call FinSecOps — means protecting financial data. Asking finance, accounting and security functions to team closely to manage FinSecOps is one preventative step we're seeing leading organizations take, so that they are agile enough to mitigate threats to financial data and help enable business growth."

About the online poll

Over 1,100 C-suite and other executives were polled during a recent Deloitte Center for Controllership webcast, titled "Cyber's growing role within the finance organization to enable transformation," on Oct. 26, 2022. Answer rates differed by question.

About Deloitte

Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world's most admired brands, including nearly 90% of the Fortune 500® and more than 7,000 private companies. Our people come together for the greater good and work across the industry sectors that drive and shape today's marketplace — delivering measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to see challenges as opportunities to transform and thrive, and help lead the way toward a stronger economy and a healthier society. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them. Building on more than 175 years of service, our network of member firms spans more than 150 countries and territories. Learn how Deloitte's approximately 415,000 people worldwide connect for impact at

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see to learn more about our global network of member firms.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights