Cyber everywhere. Grow anywhere.

Today’s dynamic digital and business ecosystems means that cyber is everywhere, and not all cyber incidents can be prevented. Deloitte’s Cyber Resilient services combine proactive and reactive incident management processes and technologies to help organizations rapidly adapt, respond, and recover from cyber disruptions with minimal impact to their business—and to more readily embrace new opportunities for growth.

We help organizations plan for, respond to, and manage high-consequence cyber incidents which have the potential to seriously disrupt operations, damage reputation, and destroy shareholder value. Forensic and malware analysis services help organizations protect their brand and reputation by proactively advising on their exposure to fraud, corruption, and other business risk issues.

  • Cyber Incident Response and Forensics Deploys the Deloitte Cyber Incident Response team 24/7, enabling clients to respond effectively and decisively to a cyber-security incident. Deloitte specialists have experience dealing with a vast range of cyber incidents. Helps the business recover quickly back to normal operations. Deloitte teams are also able to forensically investigate cybercrime to determine the nature, extent, means and origin of an incident. This supports organizations in any legal actions they may need to take. Provides a proactive set of advisory services that can help organizations improve the ability to respond to incidents.
  • Technology Resilience Enhances the technical response team with a team of technology specialists who support clients in enacting their contingency plans and returning technical operations to a normal state after a cyberattack or other disruption. This team can focus on specific systems or applications to support the recovery effort. These specialists are also skilled in the development of recovery plans and preparation activities that need to be developed prior to any incident.
  • Customer Breach Support and Response Helps clients minimize the impact of a data breach – by putting their customers at the heart of the response and hand holding them through the days and weeks following an incident. Includes customer breach notification plans and communications, and the scalable infrastructure and trained resource to engage, support and protect clients’ customers - and thus their organization - through the crisis.

We help organizations evaluate their readiness, across multiple dimensions, to respond to cyber incidents. Cyber wargames, which are typically between 2-4 hours in duration, provide likely cyber incident responders an opportunity to react in a realistic manner to a simulated cyber incident in a safe and controlled environment. Observations of cyber wargames are then documented in an after-actions report to enhance response capabilities.

  • Cyber Workshop Aims to increase awareness and support the development of plans and procedures for the technical, operational and strategic response teams as well as functional teams such as communications. Focuses on detailed discussion of an unfolding pre-prepared scenario, often split into key incident/crisis response phases. Includes key areas for discussion: roles, responsibilities, information management, identifying issues and decisions, as well as team working.
  • Cyber Table-Top Exercise Guides teams in reviewing plans and processes, and practicing their roles and responsibilities. The exercises often focus on sharpening specific skills (such as logging, conducting risk assessments and rehearsing decision-making processes) and identifying opportunities to improve the prevention of, response to, and recovery from a cyber incident or crisis.
  • Cyber Simulation Exercise Rehearses or stress-tests existing plans and procedures against complex and multi-faceted cyber incidents or crises. Exercises are designed to take place in a realistic, real-time and ‘live’ controlled environment – often involving multiple levels of an organization operating remotely on a global scale. They unfold through a variety of pre-prepared so-called ‘injects’ delivered by role players and experienced exercise facilitators. Participants are immersed in the pressure of a real cyber-related crisis.


Andrei Ionescu

Andrei Ionescu

Partner-in-Charge Risk Advisory

Partner leading the Management Consulting and Risk Advisory services in the Romania & Moldova practice. Andrei has more than 20 years of experience in risk management, cyber risk, internal audit, frau... More