
Summary
Experiencing paranoia-like symptoms that impostors are trying to deceive you? Mmm… sounds like you work in a finance department.
Finance professionals are more likely to be targeted by phishing attacks – the most common type of cyber crime – than any other individuals in an organisation. Since this attack method relies on pretending to be someone you are not to solicit sensitive information or steal money, feeling under threat is a healthy response.
In fact, in the world of cyber security, we never call extreme scepticism paranoia. We encourage it. We even teach it. We call it Zero Trust.
For Cybersecurity Awareness Month 2025, we decided to provide targeted support to a group that needs it more than most. We’re going to get first-hand information from Intersys’ Finance Manager Julie Sutton about what to look out for when it comes to phishing scams and what you should do to keep your organisation safe. Our chat with her is based on real scams she’s seen hitting our inboxes and reveals what a cyber security company considers to be best practice. We’ll also get a perspective from Claire Geyman, Director of Finance and Commercial Excellence, on why cyber security needs to be a board-level concern.
We’re then going to hand over to our Head of Cyber Security Jake Ives, who will provide 11 Cyber Security Tips for Finance Departments.
Finance department phishing – stories from the front line
Heard the one about the finance employee on a video call getting duped by deepfake avatars imitating his boss and colleagues – and losing his company $25 million? While this is a true, and chilling, story, Julie Sutton’s experience suggests the vanilla brand of phishing emails is frequently the one to watch out for.
We’re talking about the ubiquitous business email compromise (BEC), a phishing attack where criminals impersonate a trusted person via email to trick employees into releasing funds or sensitive information.
Says Julie, ‘This type of email is definitely getting more sophisticated. The quality has improved significantly – you really have to look carefully now. Sometimes you’re even going to think, “Is it or isn’t it?” and admit you genuinely don’t know if it is authentic or not.’
These aren’t occasional emails, either. Says Julie, ‘We are a constant target because we’ve had contact with hundreds of organisations. When a trusted organisation is hacked, attackers use the company email to send highly convincing phishing emails. Because these come from a genuine system, they often bypass filters and reach our inbox.’
Still, says Julie, she has never succumbed to a phishing scam.
Which brings us to the question: how does a cyber security company ward off these attacks and prevent fraud in its own systems? And what can others learn from its best practice?
According to Julie, more than any individual protection measure (and there are plenty of those), a company culture that encourages cyber vigilance at all costs is key. She says, ‘Because our leadership team is supportive, I am never afraid to raise a query. If a supplier got paid late because I double checked an invoice, I wouldn’t get told off.’ This encouragement to take your time and assess means Julie can use her common sense to assess a situation. ‘If I get an email supposedly from our MD Matthew Geyman saying, “I need you to urgently transfer money” – and, yes, this attempted fraud has occurred – I take the time to look at the email’s properties and investigate.’
Julie offers this useful piece of advice. Don’t let criminals play your emotions. She says, ‘So often, criminals try to trigger our emotions, to get us to do things unthinkingly and quickly. When I hear, “I need this paid urgently” – that sense of panic and fear – I will check the communication, regardless of whether it may lead to a delay.’
If Julie is still in doubt as to an email’s status, she feels fully confident picking up the phone and contacting a supplier, because she knows Intersys’ management supports her in verifying this way. And if a supplier changes bank details, she checks as a matter of course. She says, ‘In that case, we would pick up the phone to the supplier or email a known contact to check with them.’
What to do with fraudulent emails
When Julie discovers an email she believes may be fraudulent, she also follows an approved Intersys protocol to alert colleagues. This involves:
- Checking file properties and headers to investigate the email’s source and identify that it is likely to be bogus
- Taking a screenshot of the email using a snipping tool
- Sending the collected header information along with a screenshot to the team, to raise awareness; and CCing our compliance and security team for further analysis
- Contacting any third party if the bogus email is from a genuine account, which suggests they may have been hacked.
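The first step of that protocol, inspecting headers for signs that a message is not what it claims to be, can be partly automated. The script below is an added illustration, not part of the original article or an Intersys tool: it parses a constructed BEC-style message and flags the signals Julie describes, a Reply-To or Return-Path whose domain does not match the From domain, failed or missing SPF/DKIM results, and urgency language in the subject. All names, addresses and domains in the sample are invented placeholders.

```python
import email
from email.utils import parseaddr

# Constructed sample (not a real message): the display name claims to be the MD,
# but the reply path and envelope sender point at an unrelated free-mail domain.
SAMPLE_EML = """\
From: "Managing Director" <md@company-example.com>
Reply-To: md.office@freemail-example.net
Return-Path: <bounce@freemail-example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=freemail-example.net; dkim=none
Subject: URGENT transfer needed today
To: finance@company-example.com

I need you to urgently transfer money before 3pm. Do not call, I am in a meeting.
"""

def domain_of(addr: str) -> str:
    """Return the lower-cased domain part of an address header, or '' if none."""
    _, address = parseaddr(addr or "")
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""

def triage_headers(raw: str) -> list[str]:
    """Return human-readable findings about the source headers of one raw message."""
    msg = email.message_from_string(raw)
    findings = []
    from_dom = domain_of(msg["From"])
    reply_dom = domain_of(msg["Reply-To"])
    return_dom = domain_of(msg["Return-Path"])
    # Replies or bounces routed to a different domain than the visible sender
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    if return_dom and return_dom != from_dom:
        findings.append(f"Return-Path domain {return_dom} differs from From domain {from_dom}")
    # Receiving server's own SPF/DKIM/DMARC verdicts, as recorded in Authentication-Results
    auth = (msg["Authentication-Results"] or "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        for verdict in ("fail", "softfail", "none"):
            if f"{mech}={verdict}" in auth:
                findings.append(f"{mech.upper()} result is {verdict}")
    # The pressure tactic Julie warns about: urgency in the subject line
    subject = (msg["Subject"] or "").lower()
    if any(word in subject for word in ("urgent", "immediately", "today")):
        findings.append("Subject uses urgency language")
    return findings

if __name__ == "__main__":
    for finding in triage_headers(SAMPLE_EML):
        print("-", finding)
```

Any finding is a prompt to verify out of band, as the protocol above says, not proof of fraud; a legitimate mailing service can also set a different Return-Path.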
Crucially, Julie’s approach does not involve forwarding the offending email – an absolute no-no.
All of the Intersys team is expected to complete training in cyber awareness on subjects such as how to report phishing emails and common or emerging attack methods. They are also kept on their toes with simulated attacks. If they click on or forward a simulated phishing email, they receive extra training.
A final word from Julie on the importance of verifying emails.
‘If in doubt, check. That’s the main thing – whether that’s checking with superiors or colleagues, or contacting the customer or supplier by picking up the phone. Take your time and don’t be pushed to make a payment. If it takes two days to check, so be it – it takes two days. And if your respondent says they’re trapped in another country and can’t get home, well, that definitely won’t be true…’
11 Cyber security tips for finance departments
To complement Julie’s experience and advice, we asked Intersys’ Head of Security Jake Ives to provide 11 tips for finance departments. Here’s what he had to say:
System-Wide Security Measures
1. Enforce Strong Access Controls
Use multi-factor authentication (MFA) across all financial systems and applications, preferably using authentication apps rather than SMS verification. Also, apply the principle of least privilege (PoLP) to ensure users only access systems essential to their role.
2. Implement Separation of Duties
A golden rule: no single employee should be able to both create and authorise payments. Establish clear approval workflows that require multiple team members to validate financial transactions.
3. Secure Financial Data
Encrypt all financial data, using industry-standard encryption protocols. Ensure that data is encrypted at rest (when it’s stored and not being actively transmitted), all actions are logged for audit purposes and information is stored in a region that meets recognised security standards. Don’t be afraid to ask the supplier about their security accreditations, and when they last performed a penetration test and the outcome.
4. Maintain Regular Backups
Follow the 3-2-1 backup strategy: maintain three copies of critical data on two different media types, with one copy stored offline. And test backup restoration regularly to ensure you can actually recover data.
5. Monitor for Anomalous Activity
Use automated monitoring to detect unusual user behaviour, unauthorised access attempts and suspicious transaction patterns. Set up alerts to inform you immediately in the event of anything suspicious. (Find out more about this monitoring feature, which is standard in our Cyber Security as a Service (CsaaS).)
6. Develop Incident Response Procedures
Create and maintain a documented incident response plan. This should define clear roles and escalation procedures.
7. Create a Security First Culture
Encourage team members to question and scrutinise – without fear of reprisal for delaying communications or payments. Also, include a clear and safe protocol to report phishing emails to senior staff and compliance bodies.
8. Know Your Supply Chain
Regularly audit your supply chain to identify all vendors and partners, enabling quick communication and breach containment when incidents occur. Map your weakest links and prioritise organisations with access to sensitive data or financial systems. Require these high-risk partners to demonstrate robust security practices and maintain compliance with your security standards.
Individual Vigilance and Training
9. Provide Targeted Security Training
Conduct regular phishing simulations and security awareness training specific to finance department risks. Focus on business email compromise, invoice fraud and social engineering tactics targeting financial processes.
10. Verify All Payment Change Requests
Never process changes to supplier bank details based solely on email requests. Always verify payment changes through direct contact using previously established phone numbers or trusted communication channels.
11. Resist Pressure Tactics
Be suspicious of urgent payment requests that bypass normal verification procedures. Establish protocols that require additional verification for time-sensitive financial transactions.
A final word from Claire Geyman, Intersys’ Director of Finance and Commercial Excellence: ‘We were very keen for this year’s Cybersecurity Awareness Month to raise the growing threat of cyber crime to individuals in finance roles. Protecting financial departments – and organisations as a whole – should be a board-level issue, because the financial impact of a cyber attack can be catastrophic, affecting a company’s reputation, shareholder value and regulatory standing.
‘Organisations need to understand cyber risks as a business risk, not just an IT problem. In other words, yes, they need to ensure staff at the front line are vigilant and sceptical about unusual activity – and train them to that end. But they also need to consult with their cyber security provider to ensure there are system-wide security measures in place to minimise the possibility of a breach – and, crucially, to contain the impact of any breach should one occur.’
Find out more about cyber security services from Intersys. Or get in touch now to find out how we can shore up security in your finance department and across your organisation.
Zero Trust is a cyber security concept and strategic framework built on the principle of ‘trust no one and always verify’. An organisation that follows the Zero Trust model will only grant employees access to its data, services, networks and devices if their role requires it. Access depends on mutual authentication and identity verification. By default, no one is trusted regardless of their seniority.
The Principle of Least Privilege (PoLP) is a particular security policy within the larger Zero Trust framework. PoLP stipulates that employees, systems and processes should only have limited access to an organisation’s IT systems and data. This access should be the bare minimum needed for the required function. Restricting access in this way is believed to limit the potential damage that could be caused by unintentional or malicious abuse of access privileges.
Multi-factor authentication is a vital cyber security protection that can help guard against common phishing scams and password hacks. Adding an extra layer of security beyond just a password makes it harder for criminals to get into accounts. If a hacker did steal a password, they would still need another way to authenticate their access, such as a biometric key or physical token. This additional safeguard thus makes it a lot harder for criminals to hijack accounts.
Cybersecurity Awareness Month 2025 is a global initiative started by the American National Cybersecurity Alliance that takes place from 1 to 31 October. The goal of the month is to educate individuals and businesses to protect themselves from cyber crime. The theme for 2025 is Stay Safe Online, with a focus on practical tips to stay safe from online threats.