Cyber Risk Services


Cyber Risk Services

In a rapidly changing world where information has strategic value, supply chains are interconnected and uncertainties abound in global business, the security and resilience of operations has been raised to a Board-level issue.

Even a casual scan of the media shows that cyber attacks, supply chain disruption, natural disasters, insider attacks and frauds are sufficiently pervasive for security to remain on the Board’s agenda for years to come.

It's what we do that makes the difference

With decades of experience serving some of the largest and most prestigious organisations in Switzerland and worldwide, Deloitte has the expertise to offer a full spectrum of services. Our key service areas are outlined below and include cyber security, information privacy and protection, corporate and physical security, business and technology resilience.

Deloitte can help lead your organisation to an agile, rapid risk response approach to enable greater insight and informed business decisions tied to business value. Our breadth of capability across risk management, IT consulting and organisational transformation allows us to define an approach that can efficiently and effectively align people, processes, and technologies.

As the largest of the ‘big four’ we are proud of our global capabilities and believe we can leverage this global strength to serve our clients locally and internationally. 

Cyber Security

With the proliferation of Internet-enabled devices, the cyber threat is growing more rapidly than most organisations’ ability to cope. Everything that depends on cyberspace is potentially at risk: private data, intellectual property, critical infrastructure, and even military and national security can be compromised by deliberate attacks or inadvertent security lapses that originate across the global Internet. 

Working hand-in-hand with our clients, Deloitte helps organisations plan and execute an integrated cyber approach to harness the power of information networks to enhance business operations, to increase mission performance, and improve customer support, without compromising security or privacy.

Read more about Cyber Security.

Recent publication: Beneath the surface of a cyberattack

A deeper look at business impacts

Do leaders accurately gauge the impact a cyber attack can have on their organisation? Do common assumptions about the costs and recovery process associated with data breaches paint a clear picture? This paper considers - in financial terms - the broad and extended business impact of cyber attacks, including both direct and intangible costs.

Read more about Beneath the surface of a cyber attack

Privacy & Data Protection

Privacy and data protection issues present a growing challenge as organisations must interpret and comply with complex and diverse international laws and regulations on how they handle personal information.

Customer and employee concerns over personal information have increased the reputational, regulatory and operational impact of a breach. A proactive approach to privacy and data protection is now seen as a competitive advantage and can minimize the likelihood and significance of such a breach.

Deloitte helps organisations understand the key factors for reducing exposure to critical risks and potential damage to your brand.

For regular updates on global regulatory developments, as well as relevant news and information on upcoming events in the field of data protection and privacy sign up for our privacy flash.

Read more Privacy & Data Protection.

Identity & Access Management

Organisations are adopting more and more varied ways of interacting with employees, customers, and partners via the Web, social media, and mobile device technologies. As a result, many have experienced a significant spike in access points and digital user identities. Today, they find themselves struggling to gain greater control over identity and access management.

Through our Identity and Access Management (IAM) practice, Deloitte addresses the full IAM lifecycle using our proven framework. To enhance organisational results, we take a business-focused, end-to-end approach that safeguards and streamlines identity management in support of cost savings, productivity, and risk reduction goals.

This includes leveraging our extensive industry and sector experience related to processes, controls, technology, and security, as well as Deloitte's in-depth vendor software knowledge. The Security team will be able to provide the full range of identity and access management advisory, strategic, technical and vendor specialist skills including Aveska, CA, IBM, Novell, Oracle and SailPoint.

Read more about Identity & Access Management.

Resilience & Preparedness

We help organisations prepare for and respond to high-consequence events which have the potential to seriously disrupt operations, damage reputation and destroy shareholder value. These range from significant business disruptions due to severe weather, acts of terrorism, industrial action and pandemics to major strategic, commercial or loss events such as project ‘go-live’, new product launch and product recalls, and even fraud and consumer data leakage.

Read more about Resilience & Preparedness.

Corporate Security

A value-added corporate security function must be fully integrated with, and aligned to, the business. If the asymmetric nature of the various threats such as terrorism and criminals is understood, and the corporate security function is holistically integrated into the greater business activities, the benefits increase beyond just risk reduction, even providing a competitive advantage for your organisation.

Our risk methodology, based on industry best practice, enables us to assist you by conducting strategic and operational risk assessments to identify threats, your attractiveness to malicious entities, and the likelihood, vulnerability and impact of an attack. From there, we can help you develop strategically-aligned projects to mitigate those risks in line with your organisation’s risk appetite.

Read more about Corporate Security.

Organisational Excellence

Organisations are under increasing pressure to improve their information security, yet at the same time they are challenged to reduce operational overhead.

To be able to address what appears to be conflicting priorities of improved security controls and reduced operational overheads, many information security functions undergo a rapid transformation, a ‘step change’ in the structure, governance and approach to information security. This requires an up-front investment to achieve operational excellence and alignment to the mission and strategy of the organization.

Read more about Organisational Excellence.

Technology Focused

We have been there before: innovations arrive and sweep across industries, but security is not considered until losses have been incurred. Protecting information in e-Banking, the cloud, mobile devices, bring your own device (BYOD), and social media are themes that require active assessment and in-depth knowledge of the issues relevant to each.

Our experienced security experts help companies become more pre-emptive and build security into their technology solutions before flipping the “On” switch.

Read more about Technology Focused.


Mark Carter

Mark Carter

Managing Partner

Mark Carter is the Managing Partner for Risk Advisory in Switzerland and a member of the Swiss Executive team. Mark has extensive IT consultancy experience, mainly helping organisations transform thei... More

Klaus Julisch

Klaus Julisch


Dr. Klaus Julisch is a Partner in Deloitte’s Cyber Risk Services practice, with over 15 years of experience in designing, assessing, and transforming secure enterprise solutions. He leads the areas of... More