The sensitivity of the cyber security incidents witnessed in the recent past requires a careful reaction from the affected organizations. A careful reaction helps mitigate legal and financial consequences and retain customers. The kind of measures an organization employs after an attack determines how it survives in the aftermath and how it responds to similar attacks in the future. Disclosing cyber attacks is the responsibility of management, which must inform shareholders and legal entities and take the relevant measures as found necessary. In Deloitte's case, the hack has far-reaching consequences in various ways, but the company’s reputation remains the most affected.
As a global cyber security solutions provider, Deloitte is trusted by its clients with their data and other resources. However, the recent events, which have been communicated to only a few clients and associates, will cost the company a lot. The nature of the security incident requires internal and external disciplinary measures. The company’s response to the cyber incident is both a success and a failure. First, a company trusted by thousands of clients globally should conduct frequent security scans on its systems and employees. The decision to share the security incident with just a few individuals was a genius move, as it saved the company from mass public scrutiny and reputation damage. In the future, the company needs to segment its network to limit what different user types can access on its systems.
Although the company focuses on providing security services to other companies and individuals, it should also focus on its own internal security. The organization should also begin vetting employees to limit the chances of malicious insiders, as discussed herein. Lastly, the company should conduct periodic security scans on its systems and fix any vulnerabilities detected (Hopkins, 2017). These measures will ensure the company remains secure in its operations as it gains and retains more customers.
Reference
Hopkins, N. (2017). Deloitte hit by cyber-attack revealing clients’ secret emails.