Finance teams: the unexpected front line

When most people think about cyber security, they picture IT departments and firewalls. But increasingly, attackers are bypassing the technical perimeter and going straight for the people who hold the purse strings.

Finance and accountancy (F&A) professionals handle sensitive data, authorise payments, and interact with vendors: all prime opportunities for cybercriminals looking to manipulate systems or people. In fact, business email compromise (BEC), fake invoice scams, and internal fraud schemes often originate within finance teams, whether due to process gaps, social engineering, or a simple lack of cyber awareness. Yet, many finance teams still see cybersecurity as “someone else’s job.”

Similar issues persist in many other industries, with those in front-line roles vulnerable to attack. This is a dangerous blind spot. With global financial fraud losses topping $500 billion annually, finance, and other key department, leaders must now think of cyber risk as a core business risk – one that requires proactive controls, training, and collaboration with security teams.

Securing operations: from mindset shift to practical steps

The first step is recognising that cybersecurity isn’t only a technical issue; it’s a business issue. Therefore, all teams have a vital role to play in keeping the organisation safe and running effectively.

At BlackLine, we treat F&A professionals as key players in our security programme. We invest heavily in tailored security awareness training, including phishing simulations, and ensure our financial controls are designed with cybersecurity in mind. Dual approvals for payments, multi-factor authentication for system access, and regular audits of user permissions are standard practice.

Too often, a cyber-attack or fraud happens because of outdated processes or excessive trust in a single individual. Building layered controls – including in all financial processes – and pressure-testing them regularly, can drastically reduce risk.

Equally important is recognising third-party exposure. For example, finance and accounting teams often deal directly with vendors, payment processors, and banks – any of which can introduce vulnerabilities. As a result, due diligence, regular risk assessments, and clear escalation paths for when suspected issues and threats arise are essential components of a secure financial operation. Crucially, other departments would be wise to take similar steps to prevent potential third-party security issues arising.

Why communication is a CISO’s strongest tool

One of the most valuable skills I’ve developed over the years isn’t technical, it’s translation. Communicating cybersecurity risk in business terms is key to engaging stakeholders who don’t live and breathe threat landscapes.

During my time at BT, I learned how to frame security in the language of risk: not just cyber risk, but financial, operational, and reputational risk. That shift in perspective has allowed me to build stronger alignment between IT and business functions, especially in highly regulated industries like finance.

Being transparent about both successes and challenges is also critical. I set clear expectations with my team and the board about what we measure, why it matters, and where we need to improve. This builds trust and helps foster a culture where continuous improvement – not fear – drives action.

The rise of AI – and the risks that come with it

Of course, the cybersecurity landscape is always evolving. Right now, the integration of generative and agentic AIv tools is reshaping how all departments, including security teams, operate. These technologies offer incredible promise in automating tasks and detecting anomalies, but they also introduce new risks, from data leakage into public LLMs to inaccuracies that could undermine integrity, including in a financial sense.

It’s therefore vital that new AI solutions are not viewed as a silver bullet. They must be deployed carefully, with clear usage policies, regular reviews, and strong governance to prevent new threat types from gaining a foothold.

At our company, we’re investing in AI capabilities that complement – rather than replace – human oversight. And we’re ensuring that all employees, not just technologists, are trained to understand both the opportunities and limitations of these tools.

Cyber resilience in a borderless world

Cyber threats no longer respect geographic boundaries. While compliance requirements may vary by region, attackers don’t care whether your headquarters is in London, Los Angeles or Lagos. That’s why I advocate for setting a global “high bar” for security controls, rather than customising by country.

Taking finance professionals specifically, whether you’re a global CFO or an accountant at a mid-sized firm, the fundamentals remain the same: confidentiality, integrity, and availability – otherwise known as the CIA triad – must be preserved at all costs. And in the age of AI, that becomes even more complex.

Advice for the next generation

To those considering a career in cybersecurity, my advice is this: your perspective matters. My journey has taken unexpected turns, from tracking down hackers to building board-level security strategies. But if there’s one thing that hasn’t changed, it’s this: in cybersecurity, the human element is always the most important.

Jill Knesek is the Chief Information Security Officer at BlackLine.