Infosec a key part of business risk, says Deloitte

Information security is one of the fundamental aspects of business risk, says Mike Maddison, partner at Deloitte.

Information security is one of the fundamental aspects of business risk, according to Mike Maddison, partner at Deloitte.

“This is a strategic area of focus for Deloitte because information security is important to the world’s largest organisations,” he told the ISSA London 2013 European Conference.

Maddison said it was no longer true that business boards do not understand cyber threats as a business risk. “The board does now ‘get it’ in our experience,” he said.

This is evidenced by the number of times information security cropped up as a topic of discussion at the 2013 World Economic Forum summit in Davos Switzerland, he said.

According to Maddison, there is a growing understanding that there are two types of organisation when it comes to cyber security: those that know they have been breached, and those that do not.

The challenge now, he said, is for the information security industry to advise businesses on how best to respond to that risk and adapt to constantly evolving cyber threats.

Image: iStockphoto/Thinkstock

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.