SlideShare a Scribd company logo

Connectors: Cyber risk

Deloitte United States
Deloitte United States

In the realm of global business services, outsourcing, and shared services, cyber risk is quickly rising in importance, largely because companies are making big changes in those areas—in some cases fundamentally rewiring the ways in which processes and technologies are coordinated to deliver services. That’s a recipe for opportunity—and for cyber risk. http://www2.deloitte.com/us/en/pages/operations/articles/cyber-risk-management-in-service-delivery-transformation.html?id=us:2sm:3ss:connectors:awa:sdt:030416:cyberrisk

Business
1 of 6
Connectors Cyber risk A quick-reference guide to how it plays out in global business services, shared services, and outsourcing Service Delivery Transformation
Connectors Cyber risk in service delivery transformation In the realm of global business services, outsourcing, and shared services, cyber risk is quickly rising in importance, largely because companies are making big changes in those areas—in some cases fundamentally rewiring the ways in which processes and technologies are coordinated to deliver services. That’s a recipe for opportunity—and for cyber risk. When an organization transforms its approach to any part of its business, one of the primary questions is often “what are the tax implications?” It’s a necessary question that switched-on leaders ask. In the same way, such shifts are triggering forward-thinking leaders to ask the necessary cyber security question: “How is our organization exposed further to cyber risk as a result of these changes?” It’s a particularly relevant question in the arena of service delivery transformation, where some big changes are unfolding—changes that result in risk. Meanwhile, risk fuels performance. How to strike the right balance? Those that can remain secure, vigilant, and resilient in the face of healthy levels of risk can gain a competitive edge. There are two critical dimensions to the issue of cyber risk in service delivery. First, there is amplified risk that comes from shifting how, where and by whom services are delivered. But also, cyber risk management is emerging as a core, necessary service to the organization– just like Human Resources (HR) is a service, or Finance. What’s more, cyber risk management has deep financial, regulatory, and operational implications. In this issue of Connectors, we’ll examine these dimensions. 2  Connectors  Cyber risk
3  Connectors  Cyber risk Big data, big problems As organizations become increasingly interdependent on critical services, the scale and location of data becomes more complex to manage. In a recent high-profile data breach, the Office of Personnel Management (OPM), a large government agency responsible for soliciting and protecting a tremendous amount of sensitive information on behalf of other governmental departments, was compromised on a massive scale. Partly because of the sheer scale and volume of information held by OPM, it was difficult to zero in on which data types were the most important. Further, the data was scattered across servers hosted by other organizations. While the sensitive information clearly required an elevated approach to security, in the end, that was exactly the data that was compromised— along with many other types. Issues go beyond compliance Whether it’s a retail organization concerned about credit card data standards, a medical device company working to remain Food and Drug Administration (FDA) compliant, or a bank striving to protect customer account data, compliance is a big issue in cyber risk management. When these organizations shift service delivery to centers or offshore, compliance can be an issue— one so big, in fact, that it can obscure other important cyber security issues. For example, companies may be so focused on European Data Protection compliance that they fail to evaluate threat actors, or overlook options such as cyber insurance. What’s important? You may be surprised “Protect the crown jewels.” It’s smart advice for anyone working in the realm of cyber risk management. But for company leaders accustomed to reading about high-profile data breaches in the news, it can be easy to assume that their own data is unimportant, much less determine which of it is most important: “We run a mining company—who on earth would be interested in our data?” Yet losing the availability of quality-related data on a hosted or outsourced system has the potential to create supply chain havoc and disrupt cash flow. The key is to consider not only which data might be useful to outsiders, but which could cause the most disruption if it were unavailable for some reason. It’s not as simple as it sounds, which is why there are a number of exercises routinely used to identify and rank data by its importance. Pinpoint the factors contributing to your cyber risk profile1
4  Connectors  Cyber risk It’s about intelligence— not just control In the face of new opportunities like those introduced by service delivery transformation, it’s tempting for leaders, such as Chief Information Security Officers (CISOs), to simply shut down pathways that are seen as particularly risky. This approach is basically a way to exercise control, often at a time when leaders need to instead be opening the door to more innovation and increasing speed to market. At times like these, CISOs should be working with their business counterparts to develop more risk-intelligent management protocols. “Yes, and…” In reality, many business users will end- run the rules in order to take advantage of new capabilities, raising rather than reducing the cyber risks involved. Innovation often outflanks policy. Cyber risk management leaders have to figure out ways to say “yes, and…” rather than “no”—particularly in the rapidly evolving space in which core services are delivered to the business. Enable and protect2 Real consequences In the midst of a massive acquisition, a global pharma remained laser- focused on maintaining system validation compliance with FDA guidelines on day one. On the first- day go-live, the company was indeed compliant—but it soon realized that it had exposed certain non-regulated assets to a considerable amount of risk. And this wasn’t just vulnerability to external threats. Along the way, the integrity and availability of operational and intellectual property information was compromised—no small issue for pharma companies, which depend on intellectual property as their lifeblood.
5  Connectors  Cyber risk Identify exactly how specific business goals are contributing to risk What cyber risks are generated by your business objectives? Is a rise in business partnerships contributing to greater risks to confidential information? Are offshore centers in limbo due to the constantly shifting cross-jurisdictional data transfer environment? If third parties are handling critical information, are you exposed to a lack of contractual protections? Questions like these can help you anticipate your adversaries, identify which assets they’re most interested in, and which tactics they may use to exploit your vulnerabilities. Deliver cyber as a service Either through a shared services approach, or through outsourcing with a managed service provider, delivering cyber security as a service can ultimately lower your capital requirements and operating costs. Just as important, it can also expand your capabilities and shorten response time in the face of cyber events. Selecting and operating alternative delivery models for information security can hold significant value—and should be evaluated as a potential foundation for your security strategy. Be realistic Let’s be honest: it’s impossible to stop all cyber attacks. A more reasonable goal is to focus on reducing the impact of breaches when they hit. First, be secure: protect critical assets against known and emerging threats. Be vigilant: Reduce detection time and develop the ability to detect the unknown. And finally, be resilient: strengthen your organization’s ability to recover when an attacker makes it through your defenses. Practice cyber risk management in tandem with secure service delivery 3
To transform your business, transform your service delivery model This article contains general information only and Deloitte Advisory is not, by means of this article, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This article is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte Advisory shall not be responsible for any loss sustained by any person who relies on this article. As used in this document, “Deloitte Advisory” means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. These entities are separate subsidiaries of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2016 Deloitte Development LLC. All rights reserved. Member of Deloitte Touche Tohmatsu Limited Service Delivery Transformation Contacts Cyber security is a defining business issue today—and a key component of service delivery transformation. If you want to learn more about ways to stay secure in the face of transforming your global services, outsourcing, or shared services, we should talk. Jean White Principal, Service Delivery Transformation Leader Deloitte Consulting LLP jwhite@deloitte.com John R. Tweardy Principal Deloitte Consulting LLP jtweardy@deloitte.com Dan Kinsella Partner Deloitte Advisory dkinsella@deloitte.com Raffi Markarian Principal Deloitte Tax LLP rmarkarian@deloitte.com Learn more about Deloitte’s Service Delivery Transformation practice Cyber Risk Services contact Authors Edward W. Powers National Managing Principal Deloitte Advisory Cyber Risk Services epowers@deloitte.com Sundeep Nehra Principal Deloitte Advisory Deloitte & Touche LLP snehra@deloitte.com Steven Darroch Senior Manager Deloitte Advisory Deloitte & Touche LLP sdarroch@deloitte.com

Recommended

CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"OCTF Industry Engagement
 
5.Formato condicional y validación de datos
5.Formato condicional y validación de datos5.Formato condicional y validación de datos
5.Formato condicional y validación de datosMarilyn Cuasapas
 
Formato Condicional y Validacion de Datos
Formato Condicional y Validacion de DatosFormato Condicional y Validacion de Datos
Formato Condicional y Validacion de Datospablotavella
 
Deloitte Mobile Consumer Survey 2014 Report
Deloitte Mobile Consumer Survey 2014 ReportDeloitte Mobile Consumer Survey 2014 Report
Deloitte Mobile Consumer Survey 2014 ReportDeloitte Australia
 
Tech Trends 2015: The fusion of business and IT | Deloitte Australia | Techno...
Tech Trends 2015: The fusion of business and IT | Deloitte Australia | Techno...Tech Trends 2015: The fusion of business and IT | Deloitte Australia | Techno...
Tech Trends 2015: The fusion of business and IT | Deloitte Australia | Techno...Deloitte Australia
 
Deloitte Cloud Accelerators Salesforce Tour Melbourne
Deloitte Cloud Accelerators Salesforce Tour Melbourne Deloitte Cloud Accelerators Salesforce Tour Melbourne
Deloitte Cloud Accelerators Salesforce Tour Melbourne Deloitte Australia
 
Frequently Asked Questions sulla Cyber Risk Insurance
Frequently Asked Questions sulla Cyber Risk InsuranceFrequently Asked Questions sulla Cyber Risk Insurance
Frequently Asked Questions sulla Cyber Risk InsuranceLuca Moroni ✔✔
 
Retail Trends: Christmas 2016 update
Retail Trends: Christmas 2016 updateRetail Trends: Christmas 2016 update
Retail Trends: Christmas 2016 updateDeloitte UK
 

Recommended

CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"OCTF Industry Engagement
 
5.Formato condicional y validación de datos
5.Formato condicional y validación de datos5.Formato condicional y validación de datos
5.Formato condicional y validación de datosMarilyn Cuasapas
 
Formato Condicional y Validacion de Datos
Formato Condicional y Validacion de DatosFormato Condicional y Validacion de Datos
Formato Condicional y Validacion de Datospablotavella
 
Deloitte Mobile Consumer Survey 2014 Report
Deloitte Mobile Consumer Survey 2014 ReportDeloitte Mobile Consumer Survey 2014 Report
Deloitte Mobile Consumer Survey 2014 ReportDeloitte Australia
 
Tech Trends 2015: The fusion of business and IT | Deloitte Australia | Techno...
Tech Trends 2015: The fusion of business and IT | Deloitte Australia | Techno...Tech Trends 2015: The fusion of business and IT | Deloitte Australia | Techno...
Tech Trends 2015: The fusion of business and IT | Deloitte Australia | Techno...Deloitte Australia
 
Deloitte Cloud Accelerators Salesforce Tour Melbourne
Deloitte Cloud Accelerators Salesforce Tour Melbourne Deloitte Cloud Accelerators Salesforce Tour Melbourne
Deloitte Cloud Accelerators Salesforce Tour Melbourne Deloitte Australia
 
Frequently Asked Questions sulla Cyber Risk Insurance
Frequently Asked Questions sulla Cyber Risk InsuranceFrequently Asked Questions sulla Cyber Risk Insurance
Frequently Asked Questions sulla Cyber Risk InsuranceLuca Moroni ✔✔
 
Retail Trends: Christmas 2016 update
Retail Trends: Christmas 2016 updateRetail Trends: Christmas 2016 update
Retail Trends: Christmas 2016 updateDeloitte UK
 
The CMO Survey: Understanding marketing today and tomorrow
The CMO Survey: Understanding marketing today and tomorrowThe CMO Survey: Understanding marketing today and tomorrow
The CMO Survey: Understanding marketing today and tomorrowDeloitte United States
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsSarah Cirelli
 
2016 Higher Education Finance Directors Survey
2016 Higher Education Finance Directors Survey2016 Higher Education Finance Directors Survey
2016 Higher Education Finance Directors SurveyDeloitte UK
 
Millennials in government
Millennials in governmentMillennials in government
Millennials in governmentDeloitte United States
 
Back-to-college survey 2016
Back-to-college survey 2016Back-to-college survey 2016
Back-to-college survey 2016Deloitte United States
 
The Deloitte Consumer Tracker Q4 2016
The Deloitte Consumer Tracker Q4 2016The Deloitte Consumer Tracker Q4 2016
The Deloitte Consumer Tracker Q4 2016Deloitte UK
 
ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017ISACA
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity PredictionsPaloAltoNetworks
 
Back-to-School Survey 2016
Back-to-School Survey 2016Back-to-School Survey 2016
Back-to-School Survey 2016Deloitte United States
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Imperva
 
The Deloitte Global Chief Procurement Officer Survey 2017
The Deloitte Global Chief Procurement Officer Survey 2017The Deloitte Global Chief Procurement Officer Survey 2017
The Deloitte Global Chief Procurement Officer Survey 2017Deloitte UK
 
Cleaning up intercompany accounting: Driving efficiency while managing risk
Cleaning up intercompany accounting: Driving efficiency while managing riskCleaning up intercompany accounting: Driving efficiency while managing risk
Cleaning up intercompany accounting: Driving efficiency while managing riskDeloitte United States
 
Leadership resilience amid disruption: A report from the front lines
Leadership resilience amid disruption: A report from the front linesLeadership resilience amid disruption: A report from the front lines
Leadership resilience amid disruption: A report from the front linesDeloitte United States
 
Digital democracy survey: A multi-generational view of consumer TMT trends
Digital democracy survey: A multi-generational view of consumer TMT trendsDigital democracy survey: A multi-generational view of consumer TMT trends
Digital democracy survey: A multi-generational view of consumer TMT trendsDeloitte United States
 
Digital Asset Risk and Regulatory Compliance Expectations for 2024
Digital Asset Risk and Regulatory Compliance Expectations for 2024Digital Asset Risk and Regulatory Compliance Expectations for 2024
Digital Asset Risk and Regulatory Compliance Expectations for 2024Deloitte United States
 
Setting the AI table: Leave a seat for legal
Setting the AI table: Leave a seat for legalSetting the AI table: Leave a seat for legal
Setting the AI table: Leave a seat for legalDeloitte United States
 
Turning diligence insights into actionable integration steps
Turning diligence insights into actionable integration stepsTurning diligence insights into actionable integration steps
Turning diligence insights into actionable integration stepsDeloitte United States
 
Emerging Technologies in Transformations Drive the Need for Evolving Internal...
Emerging Technologies in Transformations Drive the Need for Evolving Internal...Emerging Technologies in Transformations Drive the Need for Evolving Internal...
Emerging Technologies in Transformations Drive the Need for Evolving Internal...Deloitte United States
 
Almost Half of Executives Expect Supply Chain Security Challenges in Year Ahead
Almost Half of Executives Expect Supply Chain Security Challenges in Year AheadAlmost Half of Executives Expect Supply Chain Security Challenges in Year Ahead
Almost Half of Executives Expect Supply Chain Security Challenges in Year AheadDeloitte United States
 
Pivotal Moments All-in-One_FINAL.pdf
Pivotal Moments All-in-One_FINAL.pdfPivotal Moments All-in-One_FINAL.pdf
Pivotal Moments All-in-One_FINAL.pdfDeloitte United States
 
Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...
Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...
Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...Deloitte United States
 
Cash and Liquidity Management Confidence Levels Declining Among Executives, a...
Cash and Liquidity Management Confidence Levels Declining Among Executives, a...Cash and Liquidity Management Confidence Levels Declining Among Executives, a...
Cash and Liquidity Management Confidence Levels Declining Among Executives, a...Deloitte United States
 

More Related Content

Viewers also liked

The CMO Survey: Understanding marketing today and tomorrow
The CMO Survey: Understanding marketing today and tomorrowThe CMO Survey: Understanding marketing today and tomorrow
The CMO Survey: Understanding marketing today and tomorrowDeloitte United States
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsSarah Cirelli
 
2016 Higher Education Finance Directors Survey
2016 Higher Education Finance Directors Survey2016 Higher Education Finance Directors Survey
2016 Higher Education Finance Directors SurveyDeloitte UK
 
The Deloitte Consumer Tracker Q4 2016
The Deloitte Consumer Tracker Q4 2016The Deloitte Consumer Tracker Q4 2016
The Deloitte Consumer Tracker Q4 2016Deloitte UK
 
ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017ISACA
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity PredictionsPaloAltoNetworks
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Imperva
 
The Deloitte Global Chief Procurement Officer Survey 2017
The Deloitte Global Chief Procurement Officer Survey 2017The Deloitte Global Chief Procurement Officer Survey 2017
The Deloitte Global Chief Procurement Officer Survey 2017Deloitte UK
 
Cleaning up intercompany accounting: Driving efficiency while managing risk
Cleaning up intercompany accounting: Driving efficiency while managing riskCleaning up intercompany accounting: Driving efficiency while managing risk
Cleaning up intercompany accounting: Driving efficiency while managing riskDeloitte United States
 
Leadership resilience amid disruption: A report from the front lines
Leadership resilience amid disruption: A report from the front linesLeadership resilience amid disruption: A report from the front lines
Leadership resilience amid disruption: A report from the front linesDeloitte United States
 
Digital democracy survey: A multi-generational view of consumer TMT trends
Digital democracy survey: A multi-generational view of consumer TMT trendsDigital democracy survey: A multi-generational view of consumer TMT trends
Digital democracy survey: A multi-generational view of consumer TMT trendsDeloitte United States
 

Viewers also liked (14)

The CMO Survey: Understanding marketing today and tomorrow
The CMO Survey: Understanding marketing today and tomorrowThe CMO Survey: Understanding marketing today and tomorrow
The CMO Survey: Understanding marketing today and tomorrow
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial Institutions
 
2016 Higher Education Finance Directors Survey
2016 Higher Education Finance Directors Survey2016 Higher Education Finance Directors Survey
2016 Higher Education Finance Directors Survey
 
Millennials in government
Millennials in governmentMillennials in government
Millennials in government
 
Back-to-college survey 2016
Back-to-college survey 2016Back-to-college survey 2016
Back-to-college survey 2016
 
The Deloitte Consumer Tracker Q4 2016
The Deloitte Consumer Tracker Q4 2016The Deloitte Consumer Tracker Q4 2016
The Deloitte Consumer Tracker Q4 2016
 
ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017ISACA State of Cyber Security 2017
ISACA State of Cyber Security 2017
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity Predictions
 
Back-to-School Survey 2016
Back-to-School Survey 2016Back-to-School Survey 2016
Back-to-School Survey 2016
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
 
The Deloitte Global Chief Procurement Officer Survey 2017
The Deloitte Global Chief Procurement Officer Survey 2017The Deloitte Global Chief Procurement Officer Survey 2017
The Deloitte Global Chief Procurement Officer Survey 2017
 
Cleaning up intercompany accounting: Driving efficiency while managing risk
Cleaning up intercompany accounting: Driving efficiency while managing riskCleaning up intercompany accounting: Driving efficiency while managing risk
Cleaning up intercompany accounting: Driving efficiency while managing risk
 
Leadership resilience amid disruption: A report from the front lines
Leadership resilience amid disruption: A report from the front linesLeadership resilience amid disruption: A report from the front lines
Leadership resilience amid disruption: A report from the front lines
 
Digital democracy survey: A multi-generational view of consumer TMT trends
Digital democracy survey: A multi-generational view of consumer TMT trendsDigital democracy survey: A multi-generational view of consumer TMT trends
Digital democracy survey: A multi-generational view of consumer TMT trends
 

More from Deloitte United States

Digital Asset Risk and Regulatory Compliance Expectations for 2024
Digital Asset Risk and Regulatory Compliance Expectations for 2024Digital Asset Risk and Regulatory Compliance Expectations for 2024
Digital Asset Risk and Regulatory Compliance Expectations for 2024Deloitte United States
 
Setting the AI table: Leave a seat for legal
Setting the AI table: Leave a seat for legalSetting the AI table: Leave a seat for legal
Setting the AI table: Leave a seat for legalDeloitte United States
 
Turning diligence insights into actionable integration steps
Turning diligence insights into actionable integration stepsTurning diligence insights into actionable integration steps
Turning diligence insights into actionable integration stepsDeloitte United States
 
Emerging Technologies in Transformations Drive the Need for Evolving Internal...
Emerging Technologies in Transformations Drive the Need for Evolving Internal...Emerging Technologies in Transformations Drive the Need for Evolving Internal...
Emerging Technologies in Transformations Drive the Need for Evolving Internal...Deloitte United States
 
Almost Half of Executives Expect Supply Chain Security Challenges in Year Ahead
Almost Half of Executives Expect Supply Chain Security Challenges in Year AheadAlmost Half of Executives Expect Supply Chain Security Challenges in Year Ahead
Almost Half of Executives Expect Supply Chain Security Challenges in Year AheadDeloitte United States
 
Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...
Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...
Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...Deloitte United States
 
Cash and Liquidity Management Confidence Levels Declining Among Executives, a...
Cash and Liquidity Management Confidence Levels Declining Among Executives, a...Cash and Liquidity Management Confidence Levels Declining Among Executives, a...
Cash and Liquidity Management Confidence Levels Declining Among Executives, a...Deloitte United States
 
Few are Confident in Their Organizations’ Ability to Report on ESG Financials
Few are Confident in Their Organizations’ Ability to Report on ESG FinancialsFew are Confident in Their Organizations’ Ability to Report on ESG Financials
Few are Confident in Their Organizations’ Ability to Report on ESG FinancialsDeloitte United States
 
Deloitte Poll: Legacy Tech Poses a Challenge to Zero Trust Adoption
Deloitte Poll: Legacy Tech Poses a Challenge to Zero Trust AdoptionDeloitte Poll: Legacy Tech Poses a Challenge to Zero Trust Adoption
Deloitte Poll: Legacy Tech Poses a Challenge to Zero Trust AdoptionDeloitte United States
 
Private Equity Leads Corporate Deal Teams on ESG in M&A
Private Equity Leads Corporate Deal Teams on ESG in M&APrivate Equity Leads Corporate Deal Teams on ESG in M&A
Private Equity Leads Corporate Deal Teams on ESG in M&ADeloitte United States
 
Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting ...
Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting ...Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting ...
Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting ...Deloitte United States
 
Could M&A Activity be a Springboard for Controllership Transformation?
Could M&A Activity be a Springboard for Controllership Transformation?Could M&A Activity be a Springboard for Controllership Transformation?
Could M&A Activity be a Springboard for Controllership Transformation?Deloitte United States
 
Putting intercompany accounting back in the spotlight: Controllership Perspec...
Putting intercompany accounting back in the spotlight: Controllership Perspec...Putting intercompany accounting back in the spotlight: Controllership Perspec...
Putting intercompany accounting back in the spotlight: Controllership Perspec...Deloitte United States
 
Many C-suite Executives Say Their Organizations Want to Build Trust in Year A...
Many C-suite Executives Say Their Organizations Want to Build Trust in Year A...Many C-suite Executives Say Their Organizations Want to Build Trust in Year A...
Many C-suite Executives Say Their Organizations Want to Build Trust in Year A...Deloitte United States
 
Harvest Now, Decrypt Later Attacks Pose a Security Concern as Organizations C...
Harvest Now, Decrypt Later Attacks Pose a Security Concern as Organizations C...Harvest Now, Decrypt Later Attacks Pose a Security Concern as Organizations C...
Harvest Now, Decrypt Later Attacks Pose a Security Concern as Organizations C...Deloitte United States
 
SOX modernization: Optimizing compliance while extracting value
SOX modernization: Optimizing compliance while extracting valueSOX modernization: Optimizing compliance while extracting value
SOX modernization: Optimizing compliance while extracting valueDeloitte United States
 
A new working relationship: Aligning organizations with the workforce of the ...
A new working relationship: Aligning organizations with the workforce of the ...A new working relationship: Aligning organizations with the workforce of the ...
A new working relationship: Aligning organizations with the workforce of the ...Deloitte United States
 

More from Deloitte United States (20)

Digital Asset Risk and Regulatory Compliance Expectations for 2024
Digital Asset Risk and Regulatory Compliance Expectations for 2024Digital Asset Risk and Regulatory Compliance Expectations for 2024
Digital Asset Risk and Regulatory Compliance Expectations for 2024
 
Setting the AI table: Leave a seat for legal
Setting the AI table: Leave a seat for legalSetting the AI table: Leave a seat for legal
Setting the AI table: Leave a seat for legal
 
Turning diligence insights into actionable integration steps
Turning diligence insights into actionable integration stepsTurning diligence insights into actionable integration steps
Turning diligence insights into actionable integration steps
 
Emerging Technologies in Transformations Drive the Need for Evolving Internal...
Emerging Technologies in Transformations Drive the Need for Evolving Internal...Emerging Technologies in Transformations Drive the Need for Evolving Internal...
Emerging Technologies in Transformations Drive the Need for Evolving Internal...
 
Almost Half of Executives Expect Supply Chain Security Challenges in Year Ahead
Almost Half of Executives Expect Supply Chain Security Challenges in Year AheadAlmost Half of Executives Expect Supply Chain Security Challenges in Year Ahead
Almost Half of Executives Expect Supply Chain Security Challenges in Year Ahead
 
Pivotal Moments All-in-One_FINAL.pdf
Pivotal Moments All-in-One_FINAL.pdfPivotal Moments All-in-One_FINAL.pdf
Pivotal Moments All-in-One_FINAL.pdf
 
Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...
Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...
Divestiture Trends: 2023 Could See More Sell-Offs, but Expect Lengthier and M...
 
Cash and Liquidity Management Confidence Levels Declining Among Executives, a...
Cash and Liquidity Management Confidence Levels Declining Among Executives, a...Cash and Liquidity Management Confidence Levels Declining Among Executives, a...
Cash and Liquidity Management Confidence Levels Declining Among Executives, a...
 
Lead Through Disruption Guide PDF
Lead Through Disruption Guide PDFLead Through Disruption Guide PDF
Lead Through Disruption Guide PDF
 
2023 Cyber Forecast Infographic
2023 Cyber Forecast Infographic2023 Cyber Forecast Infographic
2023 Cyber Forecast Infographic
 
Few are Confident in Their Organizations’ Ability to Report on ESG Financials
Few are Confident in Their Organizations’ Ability to Report on ESG FinancialsFew are Confident in Their Organizations’ Ability to Report on ESG Financials
Few are Confident in Their Organizations’ Ability to Report on ESG Financials
 
Deloitte Poll: Legacy Tech Poses a Challenge to Zero Trust Adoption
Deloitte Poll: Legacy Tech Poses a Challenge to Zero Trust AdoptionDeloitte Poll: Legacy Tech Poses a Challenge to Zero Trust Adoption
Deloitte Poll: Legacy Tech Poses a Challenge to Zero Trust Adoption
 
Private Equity Leads Corporate Deal Teams on ESG in M&A
Private Equity Leads Corporate Deal Teams on ESG in M&APrivate Equity Leads Corporate Deal Teams on ESG in M&A
Private Equity Leads Corporate Deal Teams on ESG in M&A
 
Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting ...
Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting ...Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting ...
Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting ...
 
Could M&A Activity be a Springboard for Controllership Transformation?
Could M&A Activity be a Springboard for Controllership Transformation?Could M&A Activity be a Springboard for Controllership Transformation?
Could M&A Activity be a Springboard for Controllership Transformation?
 
Putting intercompany accounting back in the spotlight: Controllership Perspec...
Putting intercompany accounting back in the spotlight: Controllership Perspec...Putting intercompany accounting back in the spotlight: Controllership Perspec...
Putting intercompany accounting back in the spotlight: Controllership Perspec...
 
Many C-suite Executives Say Their Organizations Want to Build Trust in Year A...
Many C-suite Executives Say Their Organizations Want to Build Trust in Year A...Many C-suite Executives Say Their Organizations Want to Build Trust in Year A...
Many C-suite Executives Say Their Organizations Want to Build Trust in Year A...
 
Harvest Now, Decrypt Later Attacks Pose a Security Concern as Organizations C...
Harvest Now, Decrypt Later Attacks Pose a Security Concern as Organizations C...Harvest Now, Decrypt Later Attacks Pose a Security Concern as Organizations C...
Harvest Now, Decrypt Later Attacks Pose a Security Concern as Organizations C...
 
SOX modernization: Optimizing compliance while extracting value
SOX modernization: Optimizing compliance while extracting valueSOX modernization: Optimizing compliance while extracting value
SOX modernization: Optimizing compliance while extracting value
 
A new working relationship: Aligning organizations with the workforce of the ...
A new working relationship: Aligning organizations with the workforce of the ...A new working relationship: Aligning organizations with the workforce of the ...
A new working relationship: Aligning organizations with the workforce of the ...
 

Recently uploaded

HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsMichael W. Hawkins
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒anilsa9823
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLSeo
 
Event mailer assignment progress report .pdf
Event mailer assignment progress report .pdfEvent mailer assignment progress report .pdf
Event mailer assignment progress report .pdftbatkhuu1
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetDenis Gagné
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...lizamodels9
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 DelhiCall Girls in Delhi
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
 

Recently uploaded (20)

HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael Hawkins
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Event mailer assignment progress report .pdf
Event mailer assignment progress report .pdfEvent mailer assignment progress report .pdf
Event mailer assignment progress report .pdf
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 

Connectors: Cyber risk

  • 1. Connectors Cyber risk A quick-reference guide to how it plays out in global business services, shared services, and outsourcing Service Delivery Transformation
  • 2. Connectors Cyber risk in service delivery transformation In the realm of global business services, outsourcing, and shared services, cyber risk is quickly rising in importance, largely because companies are making big changes in those areas—in some cases fundamentally rewiring the ways in which processes and technologies are coordinated to deliver services. That’s a recipe for opportunity—and for cyber risk. When an organization transforms its approach to any part of its business, one of the primary questions is often “what are the tax implications?” It’s a necessary question that switched-on leaders ask. In the same way, such shifts are triggering forward-thinking leaders to ask the necessary cyber security question: “How is our organization exposed further to cyber risk as a result of these changes?” It’s a particularly relevant question in the arena of service delivery transformation, where some big changes are unfolding—changes that result in risk. Meanwhile, risk fuels performance. How to strike the right balance? Those that can remain secure, vigilant, and resilient in the face of healthy levels of risk can gain a competitive edge. There are two critical dimensions to the issue of cyber risk in service delivery. First, there is amplified risk that comes from shifting how, where and by whom services are delivered. But also, cyber risk management is emerging as a core, necessary service to the organization– just like Human Resources (HR) is a service, or Finance. What’s more, cyber risk management has deep financial, regulatory, and operational implications. In this issue of Connectors, we’ll examine these dimensions. 2  Connectors  Cyber risk
  • 3. 3  Connectors  Cyber risk Big data, big problems As organizations become increasingly interdependent on critical services, the scale and location of data becomes more complex to manage. In a recent high-profile data breach, the Office of Personnel Management (OPM), a large government agency responsible for soliciting and protecting a tremendous amount of sensitive information on behalf of other governmental departments, was compromised on a massive scale. Partly because of the sheer scale and volume of information held by OPM, it was difficult to zero in on which data types were the most important. Further, the data was scattered across servers hosted by other organizations. While the sensitive information clearly required an elevated approach to security, in the end, that was exactly the data that was compromised— along with many other types. Issues go beyond compliance Whether it’s a retail organization concerned about credit card data standards, a medical device company working to remain Food and Drug Administration (FDA) compliant, or a bank striving to protect customer account data, compliance is a big issue in cyber risk management. When these organizations shift service delivery to centers or offshore, compliance can be an issue— one so big, in fact, that it can obscure other important cyber security issues. For example, companies may be so focused on European Data Protection compliance that they fail to evaluate threat actors, or overlook options such as cyber insurance. What’s important? You may be surprised “Protect the crown jewels.” It’s smart advice for anyone working in the realm of cyber risk management. But for company leaders accustomed to reading about high-profile data breaches in the news, it can be easy to assume that their own data is unimportant, much less determine which of it is most important: “We run a mining company—who on earth would be interested in our data?” Yet losing the availability of quality-related data on a hosted or outsourced system has the potential to create supply chain havoc and disrupt cash flow. The key is to consider not only which data might be useful to outsiders, but which could cause the most disruption if it were unavailable for some reason. It’s not as simple as it sounds, which is why there are a number of exercises routinely used to identify and rank data by its importance. Pinpoint the factors contributing to your cyber risk profile1
  • 4. 4  Connectors  Cyber risk It’s about intelligence— not just control In the face of new opportunities like those introduced by service delivery transformation, it’s tempting for leaders, such as Chief Information Security Officers (CISOs), to simply shut down pathways that are seen as particularly risky. This approach is basically a way to exercise control, often at a time when leaders need to instead be opening the door to more innovation and increasing speed to market. At times like these, CISOs should be working with their business counterparts to develop more risk-intelligent management protocols. “Yes, and…” In reality, many business users will end- run the rules in order to take advantage of new capabilities, raising rather than reducing the cyber risks involved. Innovation often outflanks policy. Cyber risk management leaders have to figure out ways to say “yes, and…” rather than “no”—particularly in the rapidly evolving space in which core services are delivered to the business. Enable and protect2 Real consequences In the midst of a massive acquisition, a global pharma remained laser- focused on maintaining system validation compliance with FDA guidelines on day one. On the first- day go-live, the company was indeed compliant—but it soon realized that it had exposed certain non-regulated assets to a considerable amount of risk. And this wasn’t just vulnerability to external threats. Along the way, the integrity and availability of operational and intellectual property information was compromised—no small issue for pharma companies, which depend on intellectual property as their lifeblood.
  • 5. 5  Connectors  Cyber risk Identify exactly how specific business goals are contributing to risk What cyber risks are generated by your business objectives? Is a rise in business partnerships contributing to greater risks to confidential information? Are offshore centers in limbo due to the constantly shifting cross-jurisdictional data transfer environment? If third parties are handling critical information, are you exposed to a lack of contractual protections? Questions like these can help you anticipate your adversaries, identify which assets they’re most interested in, and which tactics they may use to exploit your vulnerabilities. Deliver cyber as a service Either through a shared services approach, or through outsourcing with a managed service provider, delivering cyber security as a service can ultimately lower your capital requirements and operating costs. Just as important, it can also expand your capabilities and shorten response time in the face of cyber events. Selecting and operating alternative delivery models for information security can hold significant value—and should be evaluated as a potential foundation for your security strategy. Be realistic Let’s be honest: it’s impossible to stop all cyber attacks. A more reasonable goal is to focus on reducing the impact of breaches when they hit. First, be secure: protect critical assets against known and emerging threats. Be vigilant: Reduce detection time and develop the ability to detect the unknown. And finally, be resilient: strengthen your organization’s ability to recover when an attacker makes it through your defenses. Practice cyber risk management in tandem with secure service delivery 3
  • 6. To transform your business, transform your service delivery model This article contains general information only and Deloitte Advisory is not, by means of this article, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This article is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte Advisory shall not be responsible for any loss sustained by any person who relies on this article. As used in this document, “Deloitte Advisory” means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. These entities are separate subsidiaries of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2016 Deloitte Development LLC. All rights reserved. Member of Deloitte Touche Tohmatsu Limited Service Delivery Transformation Contacts Cyber security is a defining business issue today—and a key component of service delivery transformation. If you want to learn more about ways to stay secure in the face of transforming your global services, outsourcing, or shared services, we should talk. Jean White Principal, Service Delivery Transformation Leader Deloitte Consulting LLP jwhite@deloitte.com John R. Tweardy Principal Deloitte Consulting LLP jtweardy@deloitte.com Dan Kinsella Partner Deloitte Advisory dkinsella@deloitte.com Raffi Markarian Principal Deloitte Tax LLP rmarkarian@deloitte.com Learn more about Deloitte’s Service Delivery Transformation practice Cyber Risk Services contact Authors Edward W. Powers National Managing Principal Deloitte Advisory Cyber Risk Services epowers@deloitte.com Sundeep Nehra Principal Deloitte Advisory Deloitte & Touche LLP snehra@deloitte.com Steven Darroch Senior Manager Deloitte Advisory Deloitte & Touche LLP sdarroch@deloitte.com