Deloitte Cyber Threat Risk Management Point of View Helps Corporate Boards Tackle the Question: “Could This Happen to Us?”
New York, February 15, 2012 — Alarmed by a proliferation of cyber attacks on high-profile businesses, many boards of directors are asking their executive teams one question: “Could it happen to us?” Unfortunately, at most companies, the short answer may well be that it is already happening.
And the end result could be devastating. From vandalizing an organization’s website to shutting down networks, perpetrating fraud and stealing intellectual property, cyber attacks can deal a serious blow to a company’s brand and reputation. Moreover, concerns about data security could also prompt current and prospective customers to take their business elsewhere, and negative reactions among investors may even drive losses in market value.
Compounding the situation is the reality that many organizations may not be as effective at managing cyber threat risk as they are at managing risk in other areas, because cyber threats are both a relatively new and constantly evolving source of risk.
“Risk Intelligent governance in the age of cyber threats: What you don’t know could hurt you,” is a new point of view from Deloitte’s security and privacy services practice that is designed to provide organizations with an understanding of their capabilities for managing and mitigating the ever-present risk that cyber threats pose today. The Deloitte report advises companies to evaluate how their organization may transition its cyber threat risk management practice towards a more proactive, preemptive and mature approach.
About Deloitte’s Security & Privacy Services
Deloitte’s security & privacy services helps organizations address pressing and pervasive information and technology risks, such as cyber security, data leakage, identity and access management, data security breaches, operational resilience and system outages, privacy, and application integrity. We provide industry-tailored solutions, using demonstrated methodologies and tools in a consistent manner, with the goal of enabling ongoing, secure, and reliable operations across the enterprise.
As used in this document, “Deloitte” means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.