This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print this page

Program Development and Governance Services

Helping you develop your Secure.Vigilant.Resilient. program

To grow and thrive, organizations are increasingly dependent on their complex technology ecosystems to connect with customers and constituents in new ways, to increase reach and profitability and to garner data-driven insights for strategic decision-making. But as cyber-attacks occur with greater frequency and severity, board members and executives are becoming aware that technology-based innovations and initiatives also open doors to cyber risks.

Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Deloitte's Cyber Risk Program Development and Governance services support the transition to an executive-led cyber risk program that balances requirements to be secure, vigilant and resilient in line with the risk appetite of the organization. Services include:

  • Cyber risk and IT security program assessments, conducted on an enterprise-wide basis for specific business areas, provide insight on areas of strength and weakness and guide ongoing investment and organizational transition strategies.
  • Executive cyber threat awareness programs help business leaders gain a better understanding of the cyber risk landscape, how it may impact their particular organization and establish cyber risk management priorities.
  • The CISO transition lab is a one-day experience designed to help newly appointed CISOs develop a 180-day action plan to lead the cyber risk program, focusing on management of time, talent and stakeholder relations.
  • Governance, Risk and Compliance (GRC) services help organizations develop practical solutions to achieve better visibility over key components of the cyber risk program, leveraging leading vendor GRC platforms or custom-built solutions.

Spotlight on

Mary Galligan has joined Deloitte after retiring in 2013 from a distinguished career with the Federal Bureau of Investigation (FBI). She was most recently the special agent in charge of Cyber and Special Operations in the New York Office. Mary will advise senior corporate executives on crisis management challenges, in particular cyber risks and help them develop and execute security programs to prevent and minimize the business impact of cyber threats and other incidents.


Vigilant, Inc., a specialist in security monitoring and cyber threat intelligence, is now part of Deloitte's portfolio of security solutions for high-risk industries. Read the press release here.


More Featured insights

  • Managing the risks of rewards
    The current status of loyalty data security presents both an opportunity and a threat for hotels and airlines. Lean more about the Loyalty Data Security Survey findings and Infographic.
  • Changing the game on cyber risk
    Learn more about changing the game on cyber risks by becoming secure, vigilant and resilient.
  • Quantum Dawn 2: A simulation to exercise cyber resilience and crisis management capabilities
    This high-level report provides a view of the exercise’s objectives, its cyber-attack scenario, results, and lessons learned.
  • Networked medical device cybersecurity and patient safety: Perspectives of health care information cybersecurity executives
    Health care information cybersecurity executives discuss their challenges, activities, and thoughts about networked medical device governance, risk management and cybersecurity.
  • Cyber crime fighting
    Enterprises have to go on the offense to protect themselves from a rising tide of cyber crime.

As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

Industry perspective

  • Cyber in the boardroom
    Now is the time for directors to ensure senior management focus.
  • Update: Privacy and security of protected health information
    Omnibus Final Rule and stakeholder considerations.
  • ExternalURL
    2013 TMT global security study
    Explore Deloitte's sixth annual worldwide study report of information security practices.
  • ExternalURL
    Striking a balance between extracting value and exposing your data to the bad guys
    FT article on security as companies depend on business and operating models that require data to be shared and protected.

Share this page

Email this Send to LinkedIn Send to Facebook Tweet this More sharing options

Stay connected