Infosec a key part of business risk, says Deloitte
Information security is one of the fundamental aspects of business risk, says Mike Maddison, partner at Deloitte.
Information security is one of the fundamental aspects of business risk, according to Mike Maddison, partner at Deloitte.
“This is a strategic area of focus for Deloitte because information security is important to the world’s largest organisations,” he told the ISSA London 2013 European Conference.
Maddison said it was no longer true that business boards do not understand cyber threats as a business risk. “The board does now ‘get it’ in our experience,” he said.
This is evidenced by the number of times information security cropped up as a topic of discussion at the 2013 World Economic Forum summit in Davos Switzerland, he said.
According to Maddison, there is a growing understanding that there are two types of organisation when it comes to cyber security: those that know they have been breached, and those that do not.
Read more on cyber risk
- Tips for reducing security risks in 2013
- Businesses fail to address consumerisation security risks
- Technology risk management and business continuity guide for CIOs
- Security Think Tank: A risk-based approach to security is key to business alignment
- Security Think Tank: People and risk key to aligning security and business
The challenge now, he said, is for the information security industry to advise businesses on how best to respond to that risk and adapt to constantly evolving cyber threats.
Image: iStockphoto/Thinkstock
