A number of high-visibility cyberattacks on well-known global companies in FY2015 not only resulted in the very public dissemination of personal and confidential information, but they also served as reminders to Deloitte that data security begins at home.
As a network, we must be prepared for attempted incursions from every direction. So, DTTL's global policy on information security requires member firms to institute a wide range of security measures, covering areas such as virus protection, data backup and recovery, encryption, password authentication, access to systems, and network security. These actions are critical to safeguarding and appropriately using confidential information, confronting ongoing threats, and meeting member firm client expectations.
Confidentiality is not a one-time investment, or a one-off compliance or risk activity. It is an ongoing, evergreen process that must be done in a holistic way; an accountwide transformation that enhances member firms’ ability to deliver seamless, global client service.
To this end, DTTL currently is rolling out a Confidential Information (CI) program to its member firms around the globe. It is a strategic initiative, driven by network leading practices and consistent standards, aimed at safeguarding confidential information at the client account and engagement levels. Furthermore, the CI program instils a culture of accountability and proactive management of confidential information. The CI program was piloted by Deloitte US in 2014, and since then, it has been implemented in more than 250 member firm client accounts covering close to 1,000 member firm client engagements.