Trust, verify, grow.

Never mind what happens in comic books; there’s no such thing as an indestructible material. In the real world, even the most durable stuff is vulnerable to microscopic cracks that will, under the right conditions, expand and cause failure. Sometimes catastrophically. And more surface area means more vulnerability.

The same principle, as any chief information security officer (CISO) might tell you, applies to cybersecurity: a micro vulnerability—like a moment’s inattention from an employee—can expand into a profoundly damaging data breach.

Every enterprise contends with this dynamic; one global pharmaceutical company decided to address it head-on.

The company’s surface area was already considerable—tens of thousands of employees; thousands of research and logistics partners and third-party service providers; plus the patients, physicians, and other health care providers around the world that relied on them. Even so, there were emerging markets left unserved, and leaders wanted to expand accordingly.

This posed a considerable challenge: How could the company maintain the collaboration its current stakeholders enjoyed on its network, extend that access to even more stakeholders, and continue safeguarding its sensitive data? How could it prevent information loss when its employees and contractors traveled to these high-risk markets? And how could it do so while adhering to local cultural norms and business models, and complying with recent cyber laws and requirements?

The solution would require a complete rethink of the company’s network architecture, with a coordinated program of security controls that could support growth in risky environments without compromising data. So company leaders reached out to Deloitte’s Cyber & Strategic Risk practice.