This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print page

Security transformation

Shifting gear


A step-change in the structure, governance and approach to Information Security

Organisations are under more pressure than ever to address their information security issues yet at the same reduce their operational overheads. Increasing media attention, as a result of a number of high profile security breaches, is being accompanied by an ever growing list of legislative and regulatory requirements (e.g., Sarbanes-Oxley, PCI DSS and various Information Privacy requirements).

In response, many organisations have gone for an evolution-based approach aimed at addressing just one or two priority areas.  This has often resulted in a proliferation of tools and techniques for managing threats and compliance, thus introducing unnecessary operational inefficiencies.

The solution – fundamental change

To be able to address what appears to be conflicting priorities of improved security controls and reduced operational overheads, many information security functions must undergo a rapid transformation.  This transformation requires a ‘step-change’ in the structure, governance and approach to Information Security requiring up-front investment to achieve operational excellence aligned to the mission and vision of the organisation.

Successful delivery can be a significant and daunting task, requiring organisations to concurrently manage complex and challenging projects, changes to key systems and control environments and transformation of the security culture of across the entire organisation.

Material on this website is © 2014 Deloitte Global Services Limited, or a member firm of Deloitte Touche Tohmatsu Limited, or one of their affiliates. See Legal for copyright and other legal information.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see “About Deloitte” for a more detailed description of DTTL and its member firms.

Get connected
Share your comments


More on Deloitte
Learn about our site