Security, resilience and digital forensics
Addressing security challenges
In today’s information and digital economies, system security issues have a potentially significant impact on business and can result not just in financial losses, but damage to reputation and operational downtime.
System security, regulatory compliance and good governance are now expected by customers, partners and shareholders.
How we can help
Our team of highly experienced specialists is the largest group of security and forensics professionals in Ireland. We can use our extensive experience to assist your business in addressing security concerns or challenges, aligned to international best practice and providing real world solutions to common business challenges and risks.
Our security and resilience services include the following:
- Cyber security
- Information privacy and protection
- Identity and access management
- Digital forensics and eDiscovery
- Resilience and preparedness
- Focused services
While the term cyber security has been around for a while, the volume of attacks and the nature of the cyber threat have evolved. The impact on organisations can be significant, or in some cases catastrophic. System downtime leads to loss in profits, reputational damage, disgruntled customers and ultimately a competitive disadvantage or a loss of opportunities. Data loss and breaches not only damage brands but also lead to regulatory fines and compensation pay outs for affected customers. Cyber has moved beyond the IT department to become a Board-level issue.
Deloitte’s Cyber Preparedness capability enables businesses to test cyber crisis management procedures in controlled but realistic scenarios rather than relying on hypothetical plans. A delay in effectively responding to a cyber-incident can add significant cost to organisations through data and assets lost or compromised and reputational damage.
Deloitte’s Cyber Aware capability provides member firm clients with tailored services that range from external cyber threat intelligence and vulnerability assessments to outsourced managed security services.
Deloitte’s Cyber Response services have been designed to provide member firm clients with access to the skills, experience and expertise that are needed during times of crisis.
Deloitte can offer your organisation the support of our Cyber specialists, making staff aware of threats and provide member firm clients with access to the skills, experience and expertise that are needed during times of crisis. Deloitte can help in the development and implementation of a safe Cyber Security by providing a range of services, including the following:
- Cyber security and cloud computing advisory
- Digital forensics
- Penetration testing services
- Vulnerability and web application assessments
Information privacy and protection
Information is pervasive in our daily lives, with the adequate protection and management of data presenting a growing challenge for organisations. Conforming to the associated requirements ensures there are no unforeseen interruptions to your operations. Customer and employee concerns over personal information and sensitive data can lead to reputational risk. Breaches in data protection legislation can inhibit organizational change and adversely affect technology integration.
Deloitte’s Information Privacy and Protection service(s) helps organizations to identify and manage risks and opportunities associated with information management and data protection. We can help our engagements respond strategically and tactically to data asset management issues associated with globalization, diverse and conflicting legal and regulatory requirements, rapidly changing technology, and extended enterprises.
Deloitte’s experience can help our member firm clients understand the key factors for reducing exposure to critical risks and potential damage to brand, including help in the following areas:
- Privacy and data protection strategy
- Building an organization-wide inventory and classification map of personal data
- Policies and procedures
- Training and awareness
- Cross-border data transfers
- Data retention
- Compliance with law enforcement requests
- Building privacy controls into IT projects
- Managing varied international compliance requirements
- Audit and monitoring programs for on-going data protection compliance
Identity and access management
Identity and Access Management is a highly complex business issue that goes far beyond the IT department. It encompasses the entire organization, including business units, individual locations, systems, access points, business partners and customers. Complicating matters further, is the growing number of mobile employees, joint ventures and other business activities that expose IT systems to potential threats.
Deloitte’s Identity & Access Management (IAM) framework addresses all aspects of the identity and access management lifecycle. It is a holistic, business-focused approach that incorporates Deloitte’s experience related to processes, control, technology and security, with in-depth vendor software knowledge, to deliver a comprehensive and sustainable identity management solution.
Digital forensics and e-Discovery
The need for digital forensic investigations and e-Discovery is becoming more prevalent for organisations that are required to investigate activities, events or incidents as part of internal reviews or legal proceedings. Deloitte Ireland operates a state of the art forensic and eDiscovery laboratory to assist with small standalone, through to large complex investigations spanning various geographic locations. Our scale allows us to capture, review, process and store information from our secure purpose built forensic lab (based in Ireland), eliminating the headaches and need for unnecessary movement of sensitive data.
Our experienced and certified professional personnel combine years of in-depth international experience across various industry and client sectors, coupled with knowledge of leading edge technologies and forensic toolsets. We provide an end to end service, from early case assessment through to evidence collection, analysis, production, reporting, litigation support, and expert witness services.
Deloitte understand the urgency, requirements and challenges associated with technical investigations. Our established, qualified, credible and proven track record uniquely positions us to respond within hours to immediate and urgent requirements. Deloitte are uniquely positioned to provide a forensic capability and incident response partnership with your organisation across the areas of digital forensics and e-Discovery.
Resilience and preparedness
Resiliency is a critical component of successful business management. Experience shows that typically more than 50 percent of businesses without an effective resiliency plan will ultimately fail following a major disruption. The need to ensure continuity of service has never been greater due to more organizations operating 24/7 and an increasing dependence on technology to conduct business. Increasing stakeholder and regulatory expectations demand an approach that ensures equal consideration is given to managing the immediate and longer term outcomes from incidents affecting people, processes, systems or events external to the organization.
Deloitte’s experience combined with the use of a robust operational resiliency framework methodology help our member firm clients create organizational resiliency, a state in which issues are identified and prevented before they arise, and prepare the client to manage the unexpected.
Our approach to resilience and preparedness:
- Identify critical business processes
- Analyse impact of disruption
- Define operational and financial impacts of an outage
- Agree on the maximum allowable outage for each process
- Determine the resources needed to recover essential processes - Continuity Strategy Definition
- Identify alternatives for meeting maximum allowable outages
- Consider costs and benefits of the alternatives
- Decide upon the most appropriate recovery strategy
- Formalize backup resource agreements - Contingency Plan Implementation
- Document business process recovery procedures
- Document resource/infrastructure recovery procedures
- Document contingency plan management procedures
- Establish plan maintenance and testing processes
Deloitte recognises that in today’s complex business environment, no organisation is the same and that each organisation must be able to adapt to address the different risks that they face. Organisations must implement and maintain proactive security governance and compliance programs to survive in today’s competitive market and achieve a fundamentally more secure state. Deloitte’s professionals help organisations address the unique challenges faced by each organisation, work with them and tailor a solution to their needs.
Deloitte provide focused services to provide clients with bespoke and real life solutions to issues faced, including:
- Security strategy and transformation
- Cloud computing advisory
- Policies and standards development
- Information security best practice
- Mobile computing and smart devices