Cybersecurity has historically been seen as the domain of IT teams. It’s long been clear that finance operations have become a primary target and CFOs are now on the front line. Payments are no longer routine; they are high-stakes, real-time gateways where mistakes can cost millions and reputations overnight. Time and again, we’ve seen organisations blindsided not by a single incident, but by cumulative operational exposure that could have been mitigated. A recent reminder came with the 2023 MGM Resorts cyber-attack, where criminals infiltrated core financial and payment systems, shutting down hotel check-ins, locking digital room keys, halting casino transactions and ultimately causing an estimated $100 million in financial impact.
Recent Corpay research of 150 UK CFOs across the manufacturing, retail and wholesale sectors underscores the scale of the challenge: 99% of UK CFOs surveyed report experiencing a payments-related cyber incident in the past two years (1), with 42% naming cyber threats as one of their top operational risk. These aren’t just numbers – they reflect a fundamental shift in the CFO’s role. Finance leaders are no longer just stewards of the balance sheet; they are guardians of the organisation’s financial ecosystem.
The reality is stark. Legacy systems, fragmented workflows, and manual processes create gaps that cybercriminals exploit. In my experience, inefficiency and exposure go hand-in-hand. A delayed payment reconciliation, a siloed ledger, or a poorly monitored vendor relationship can become an entry point for sophisticated attacks.
This is where AI and automation come in. By streamlining Accounts Payable, expense management, and cross-border payments, AI can help reduce human error, limit manual touchpoints, and help detect suspicious activity in real-time. But automation alone is not enough. In my experience, I’ve seen organisations implement new technology without integrating it fully into existing workflows – the result is risk reduction in theory, but exposure in practice. For true resilience you need three specific elements: automation, integration and culture.
Real-time visibility is equally critical. Finance leaders need live insight into every transaction, every vendor interaction, and every cash position. Corpay’s research shows that while 94% of CFOs say real-time oversight is critical (4), only 64% feel their systems are currently up to the task (2). Without this visibility, even the most sophisticated finance teams are forced to react after the fact rather than anticipate risk.
Addressing this challenge requires more than technology alone; it demands a coordinated approach to process and culture. Finance, IT, and risk teams must collaborate seamlessly. Cybersecurity must be embedded across every stage of financial operations – from vendor onboarding to employee expenses, invoice processing, and international payments. CFOs must drive both efficiency and resilience, treating cybersecurity as inseparable from operational and financial performance.
What stands out from our experience is that CFOs who embrace this dual focus are able to turn risk into opportunity. The findings from the survey reflect the pressures facing finance leaders today as they work to manage risk, control costs, and modernise operations in an increasingly complex and interconnected payments landscape (3). Organisations that get this right will not only keep their assets safe, but they’ll also turn finance into a tool that helps the whole organisation adapt and grow.
Cyber risk is no longer a technical concern; it’s a financial imperative. In the era of sophisticated payments threats, CFOs have the opportunity to turn a challenge into a competitive advantage, protecting the organisation while transforming finance into a proactive, trusted partner for growth.
Methodology: the research, conducted by Censuswide between 08.09.2025 – 15.09.2025, surveyed 150 CFOs in the UK, aged 18+ excluding sole traders, in the following industries: Retail, Wholesale, Manufacturing. Censuswide abides by and employs members of the Market Research Society and follows the MRS code of conduct and ESOMAR principles. Censuswide is also a member of the British Polling Council.
(1). ‘Yes, significant breach’ and ‘Yes, minor incident’ answers combined.
(2). ‘Very confident’ and ‘Somewhat confident’ answers combined.
(3) . Methodology: the research, conducted by Censuswide between 08.09.2025 – 15.09.2025, surveyed 150 CFOs in the UK, aged 18+ excluding sole traders, in the following industries: Retail, Wholesale, Manufacturing. Censuswide abides by and employs members of the Market Research Society and follows the MRS code of conduct and ESOMAR principles. Censuswide is also a member of the British Polling Council.
(4). ‘Very important’ and ‘Somewhat important’ answers combined.
