IT risks and security challenges

A series of Deloitte perspectives as published in the Wall Street Journal.

Read more on the following topics

Cyber Security in a borderless world
Three prevalent technologies - social media, mobile devices, and cloud computing - substantially expand the attack surface of your enterprise.

Rapid adoption of social media, mobile devices and cloud computing has expanded the traditional borders of the enterprise- creating new entry points for cyber attacks.

Making the real case for cyber security
How to talk to senior executive about the realities of the evolving cyber security landscape.

Despite increasing attention to security in the press and the boardroom, the security capabilities in many companies have not kept pace with a rapidly changing world.

IT literacy in the boardroom
Boards of directors need a clearly defined approach to understanding and actively governing the enterprise IT operations under their purview.

Until recently, IT was not an area of focus for most boards of directors. Increasingly, however, many directors view IT as being crucial to their companies.

Is your IT security approach due for a refresh?
Update traditional security measures to address today’s threats.

Three broad practices form the foundation of most IT security strategies: access management, software vulnerability management, and personally identifiable information (PII) management.

What you don’t know could hurt you
To assess exposure to cyber threats, companies need to go beyond generalities and focus on specific questions about security practices.

Could it happen to us? Alarmed by an uptick in cyber attacks on high-profile businesses, may boards of directors are asking their CIOs and CISOs just that question.

Cyber intelligence today: proactive and predictive
IT leaders and business executives need to understand how the critical discipline of cyber intelligence is evolving.

Individual cyber intelligence capabilities have been applied for decades, some since the earliest days of IT system design.

The technology blocks of cyber intelligence
Organisations should establish the technological foundation that enables them to take a proactive stance against cyber threats.

Cyber intelligence is as dependent on the underlying technology as it is on governance and organizational change.

Getting smart about cyber intelligence
Protecting vital information assets demands a broad approach to cyber intelligence.

In recent years, IT security and privacy concerns have graduated from the IT department to C-suites and boardrooms.

Cyber espionage: A proactive approach to cyber security
To mitigate the risks of advanced cyber threats, organizations should enhance their capabilities to proactively gather intelligence and monitor and remediate vulnerabilities.

Many organizations are still using a reactive, defensive posture to address cyber security incidents.

Cyber espionage: The harsh reality of advanced security threats
Many organizations are unprepared to protect themselves against the latest generation of automated cyber attacks. Is yours?

Legend has it that ostriches bury their heads in sand to avoid danger - the belief is that if I cannot see peril, it cannot see me. For decades, some businesses have been operating as though they were ostriches with respect to cyber threats, burying their heads in a protective sand of compliance requirements and safe practice regulations.

Cyber espionage: Playing defence with employees
Organizations can go beyond background checks to address the cyber risks stemming from their employees’ behaviour, both intentional and unwitting.

When it comes to cyber security, employees can be your frontline of defence or your biggest threat, sometimes without even realizing it. Checks to address the cyber risks stemming from their employees’ behaviour, both intentional and unwitting.

What’s different about the “Capability Cloud”?
The “capability cloud” is significantly improving the acquisition, implementation, and management of IT services for the business.

“Cloud computing” is continuously growing and maturing - in the adoption and sophistication of offerings and the vendor landscape. Recently, the adoption of the “capability cloud” - through which deployments move from improving capacity to enabling business capabilities - has demonstrated the substantial disruptive potential of this technology.

Capturing the potential of the capability cloud
As the cloud market evolves from capacity to capabilities and beyond, companies are increasingly obtaining services that directly address business objectives and enterprise goals.

In the recent cloud past, the IT crowd was enamoured primarily by “as-a-service” cloud concepts that unleashed the power of distributed computing, virtualization, and ubiquitous networking.

Risk intelligent governance: A profile of maturity
A “maturity” assessment can help your organization understand its capabilities for managing and mitigating the ever-present risk posed by cyber threats.

How effective is your company at keeping its exposure to cyber threats within acceptable limits? CIOs and chief information security officers (CISOs) can expect business leaders to be asking them precisely that question as cyber attacks become increasingly common and sophisticated.

Risk intelligent governance: Controlling software and information sharing
How well prepared is your organization to address cyber threat vulnerabilities relating to the software running on devices and the information shared by employees?

Because cyber threats are both relatively new and constantly evolving, many organizations may not be as effective at managing  cyber threat risks as they are at managing risk in other areas.

Risk intelligent governance: Tracking outbound information and logins
Is your enterprise prepared to address cyber threats relating to outbound digital information and logins to the organisation’s systems?

In this article, we cover tracking two critical vulnerabilities: the digital information that leaves the organization and who is logging  onto the organization’s systems.

5 mobile security mistakes IT organizations make
In an effort to balance the needs of mobile business users with security imperatives, IT departments sometimes make mistakes.

In study after study, IT professionals cite security and data privacy concerns as the top inhibitor to mobile adoption. Their apprehensions about mobile devices and mobile access to corporate systems are justified because the risks are real.

Aligning enterprise mobility goals with solutions
Let the business and technology objectives of your mobility plan drive your approach.

Providing employees with powerful mobile devices allows them to be productive from anywhere and may allow for innovative, or potentially even disruptive, ways of doing business.

Considerations for BYOD programs
The decision to allow employees to bring their own mobile devices into the enterprise needs to be made with care.

Mobile devices such as smartphones, tablets, and e-readers have become so portable, powerful, connected and user-friendly that they have penetrated every facet of our personal and professional lives. Almost any application imaginable can be developed on, or accessed from, a mobile device.

The changing landscape of digital identity management
Digital identity management has been around for decades, but today’s challenges - and solutions - have become increasingly complex.

Executives of enterprises large and small face the same challenges of managing and securing identities. The swift proliferation of digital identities, increased regulatory requirements, and heightened corporate fraud and security risks are creating the need for enhanced management capabilities.

The security agenda for digital identities
Harry D. Raduege, Jr., chairman of the Deloitte Centre for Cyber Innovation, discusses three priorities for managing and securing digital identities.

Leaders today, both in government and industry, have a growing recognition that managing security is about managing risk. Every month, their digital-age organizations face billions of attacks from infiltrators seeking to manipulate, steal, deface, or shut down networks.

The Power of One: Moving toward a unified digital identity
Managing digital identities isn’t just a security issue - it’s also a smart business move.

Our digital identities are becoming increasingly complex. Not so long ago, an individual’s entire digital presence existed almost exclusively at work, and he or she was identified by a single user name. As enterprise technology expanded to include new tools and platforms, the number of digital identities grew.

Secure digital assets ahead of new privacy
Setting standards now to provide transparency, assess and mitigate risk, and confirm compliance may protect the business model and stave off competitors.

A growing number of companies have created valuable business models through  buying, collecting,  and aggregating huge amounts of personal data, or mining their own databases for insights into their customers’ behaviours. For some companies, these databases may well be their most valuable asset.

Key contacts

Share this page