Cyber Risk Services

With the proliferation of Internet-enabled devices, cyber culture is growing more rapidly than cyber security. Everything that depends on cyberspace is potentially at risk. Deloitte’s cyber risk practice helps you reduce your exposure to cyber-attacks and respond in a secure, vigilant and resilient manner.

Deloitte’s leading Cyber Risk Services team helps organisations address pressing and pervasive strategic information and technology risks, such as cyber security, data leakage, identity and access management, data security breaches, operational resilience and system outages, privacy and application integrity. We provide industry-tailored solutions, using demonstrated methodologies and tools in a consistent manner, with the goal of enabling on-going, secure and reliable operations across the enterprise.

A daunting global challenge

The evolution of modern technology has given rise to cybersecurity threats, it can be a challenging task for companies and regulators to keep up. The challenge is especially difficult for global companies, which must constantly combat an endless stream of cybersecurity threats while demonstrating regulatory compliance in all jurisdictions in which they operate.

Companies based in countries that have imposed strict cyber security measures or cyber integrity requirements may have an edge because they have already done a lot of the hard work necessary to clear a very high bar. On the other hand, companies based in countries with less rigorous requirements are most likely behind on the compliance maturity curve and may thus need to do more work to catch up.

Download the global cybesecurity compliance integrity report here.

Transforming authentication for a digital age

In today’s world of advanced technology, identity is a centrepiece for Financial Technology (FinTech) and its drive towards digitisation. In order to support the growing demand for more transactions and applications for banking services online, there is a keen focus on holistic authentication and authorisation solutions to complete a growing variety of digital transactions.

Download the transforming authentication for a digital age report here.

Cyber security: everybody’s imperative

A guide for the C-suite and boards on guarding against cyber risks

As cyberattacks grow in increasing numbers and complexity, boards and C-suite executives play an important role in shaping the way organisations respond to the new cyber threat landscape. Cyber threat management has become a business and strategic imperative in this digital world. Find out the top 10 questions that boards should be asking about cyber security and resiliency. Deloitte’s Cyber Risk guide is designed to help identify an organisation’s cyber capabilities and evaluate the cyber ‘character’ of the board.

Download the Cyber security: everybody’s imperative report here.

Responding to cyber threats

A change in paradigm

In this changing landscape, a shift must take place to adequately combat the challenge. The old approach has failed many organisations and cost the world billions of dollars. While we expect that advancements in technology will continue to disrupt the way we approach cyber risk, the objectives and principles identified in the paper attempt to provide the basis of the migration model that is still evolving. These mitigations are explored in the proposed Deloitte Cyber Security 3.0 model.

Download the responding to cyber threats: A change in paradigm report here.

Cyber Security

The changing role of audit committee and internal audit

Among the most complex and rapidly evolving issues companies must contend with is cybersecurity. With the advent of mobile technology, cloud computing, and social media, reports on major breaches of proprietary information and damage to organisational IT infrastructure have also become increasingly common, thus transforming the IT risk landscape at a rapid pace.

International media reports on high-profile retail breaches and the major discovery of the Heartbleed security vulnerability posing an extensive systemic challenge to the secure storage and transmission of information via the Internet have shone a spotlight on cybersecurity issues. Consequently, this has kept cybersecurity a high priority on the agenda of boards and audit committees.

Working hand-in-hand with our clients, Deloitte helps organisations plan and execute an integrated cyber approach to harness the power of information networks to enhance business operations, increase mission performance, and improve customer support, without compromising security or privacy. Our practitioners are focused on specific industries and sectors and they bring a demonstrated depth of knowledge and experience to help our clients solve their information cyber risks. These enterprise-wide security services include:

Our practitioners are focused on specific industries and sectors and they bring a demonstrated depth of knowledge and experience to help our clients solve their information cyber risks. These enterprise-wide security services include:

Security management

Security management involves an organisation’s efforts in protecting its information systems and computer networks from cyber intrusions, malware or any type of data breaches. We take on the role of assisting clients in developing strategic and tactical information security strategies that are aligned with business, regulatory and risk management requirements.

Identity and access management

Our team of cyber risk experts We help clients to design and implement a comprehensive framework that integrates disparate user identities repository into a common security solution through the deployment of a service-oriented architecture (SOA). The use of SOA allows the flexibility to accommodate additional security services, such as multi-factor authentication.

Vulnerability management

Vulnerability management is essentially a security practice designed to mitigate or prevent the exploitation of cyber-attacks and IT malware. It is imperative for organisations to implement an effective vulnerability management to safeguard against any form of cyber- attack. We assist in identifying and analysing vulnerabilities through threat modelling and security posture assessments of information systems and networks.

Infrastructure and operations security

A secure IT infrastructure is the foundation of doing business. In a business environment where information security is key, the right infrastructure ensures high availability, scalability and efficient security. We help clients design and deploy a comprehensive and robust, secure architecture for the business-driven IT infrastructure.

Download the cybersecurity: The changing role of audit committee and internal audit report here.

Cyber Services in Southeast Asia

Secure. Vigilant. Resilient

Deloitte's first Cyber Risk Security Operations Centre (SOC) for the Asia Pacific and Southeast Asia region will be set up in Singapore. This centre will complement the services that Deloitte has been providing globally, thus allowing round-the-clock security services to ensure coverage for clients across all time zones. It will also provide advanced security event monitoring, threat analytics, cyber threat management and incident responses for businesses in the region, to meet the increasing market demand in cybersecurity services.

Download Cyber Services in Southeast Asia brochure for more information.

Information technology risks in financial services

What board members need to know — and do

Boards’ risk-related responsibilities at financial services companies have intensified, with governance of Information Technology (IT) risk becoming increasingly critical. However, IT risk may be the one risk that the typical financial services board member may be least prepared to oversee. IT risk-related challenges in financial services will grow in number and importance in the years ahead. This paper highlights select IT risks for boards of financial institutions to consider, and suggests strategies they can employ to better oversee them.

Download the information technology risks in financial services report here.

Cyber Executive Briefing

Staying ahead in the global marketplace

In the interconnected world today, a cyber- attack is no longer a question of ‘if’ or ‘whether’ but ‘when’. With the growing importance modern technology across different business functions, organisations are increasingly exposed to cyber security issues and threats. The board of directors are often tasked with asking tough questions. Find out what are the top 10 cyber security questions to ask your organisation.

Download the Cyber Executive Briefing: Staying ahead in the global marketplace for more information

The (Evolving) Art of Risk Sensing

Risks of the present and future continue to change as the business world evolves with technological advancements and innovations. Risk-sensing capabilities and efforts need to be forward-looking and agile to transform risks arising from economic, market, regulatory and technological evolutions. A crucial component of a company’s risk management process, risk sensing supports risk and impact assessment to address risks across the entire relevant time horizon.

Risk sensing helps companies detect emerging risks to be mitigated before potentially significant damage or costs are incurred. It is also a platform for detecting emerging trends to enhance understanding of risk/reward tradeoffs inherent in value creation to improve resource allocations. Deloitte commissioned a survey to assess the state of risk sensing in large organisations, which clearly indicates that organisations have been developing their risk-sensing capabilities.

Click here to read the full article.

Software Asset Management

Hardware and software purchases typically form 20% of an organisation's IT budget, where significant portions go to unutilised service and support costs. Software licensing is a risk that needs to be addressed, as vendor audit compliance and purchase of missing licenses can lead to unexpected costs.

Software Asset Management (SAM) includes all the necessary processes and infrastructure to plan, control and protect your investments in enterprise software throughout each phase of the lifecycle.

Download Software Asset Management brochure for more information.