Skip to main content

Beneath the surface of a cyberattack

A deeper look at business impacts

Although cyberattacks are all but inevitable, the extent of their damage is not. By viewing cyber risk through this wider lens, companies can ultimately improve their ability to survive and thrive in the face of increasingly likely cyberattacks

In Beneath the surface of a cyberattack: A deeper look at business impacts, we have leveraged our experience with a variety of cyber incidents and our deep industry knowledge to illustrate how 14 impact factors—including many that are not often visible—can affect an organisation in the days, months and years following a cyberattack.

We help organisations address pressing strategic information and technology risks, such as cyber security, data leakage, identity and access management, data security breaches, operational resilience and system outages, privacy and application integrity. We provide industry-tailored solutions, using demonstrated methodologies and tools in an effective manner, with the goal of enabling secure, vigilant and resilient operations across the enterprise:

Secure. Means focussing protection around the risk sensitive assets that both you and your adversaries consider the most valuable against known and emerging threats across the ecosystem. Executives must establish risk-prioritised controls to protect against known and emerging threats, and comply with standards and regulations.

Vigilant. Being alert and identify any attacks as early as possible ability to detect the previously unknown and reduce the reaction time. Organisations must establish situational risk and threat awareness across the environment to detect violations and anomalies. Protecting yourself from what you don’t know.

Resilient. Involves early-stage identification of threats and the capacity to rapidly respond and contain the damage. Identifying “Single Points of Failure” to develop alternative back-up arrangements and strengthening your ability to recover when incidents occur are key. Leadership must establish the ability to handle critical incidents, quickly return to normal operations, and repair damage to the business in order to minimise the impact.

Read More 

What our experts say:

The integration of cyber and valuation disciplines provides fuller insight that should informthe way organisations think about and plan for cyber incidents. It also reveals some importantobservations that are difficult to see through the traditional lens of direct cost—and hopefullywill encourage organisations to think beyond the “conventional wisdom"

Derek Schraader - Risk Advisory Africa Leader: Cyber Risk Services

Additional reading

  • A cyberanalytics strategy to stay ahead of any threat
  • Mitigating the risks of cloud computing
  • You have had a privacy breach - now what?
  • Mitigating information risks in the social landscape
  • Mobility matters, and so should your mobile device management solution

Did you find this useful?

Thanks for your feedback

If you would like to help improve Deloitte.com further, please complete a 3-minute survey