Beneath the surface of a cyberattack
A deeper look at business impacts
Although cyberattacks are all but inevitable, the extent of their damage is not. By viewing cyber risk through this wider lens, companies can ultimately improve their ability to survive and thrive in the face of increasingly likely cyberattacks
In Beneath the surface of a cyberattack: A deeper look at business impacts, we have leveraged our experience with a variety of cyber incidents and our deep industry knowledge to illustrate how 14 impact factors—including many that are not often visible—can affect an organisation in the days, months and years following a cyberattack.
How can Deloitte help you
We help organisations address pressing strategic information and technology risks, such as cyber security, data leakage, identity and access management, data security breaches, operational resilience and system outages, privacy and application integrity. We provide industry-tailored solutions, using demonstrated methodologies and tools in an effective manner, with the goal of enabling secure, vigilant and resilient operations across the enterprise:
Secure. Means focussing protection around the risk sensitive assets that both you and your adversaries consider the most valuable against known and emerging threats across the ecosystem. Executives must establish risk-prioritised controls to protect against known and emerging threats, and comply with standards and regulations.
Vigilant. Being alert and identify any attacks as early as possible ability to detect the previously unknown and reduce the reaction time. Organisations must establish situational risk and threat awareness across the environment to detect violations and anomalies. Protecting yourself from what you don’t know.
Resilient. Involves early-stage identification of threats and the capacity to rapidly respond and contain the damage. Identifying “Single Points of Failure” to develop alternative back-up arrangements and strengthening your ability to recover when incidents occur are key. Leadership must establish the ability to handle critical incidents, quickly return to normal operations, and repair damage to the business in order to minimise the impact.
What our experts say:
"The integration of cyber and valuation disciplines provides fuller insight that should inform
the way organisations think about and plan for cyber incidents. It also reveals some important
observations that are difficult to see through the traditional lens of direct cost—and hopefully
will encourage organisations to think beyond the “conventional wisdom”
Derek Schraader - Risk Advisory Africa Leader: Cyber Risk Services