Deloitte Tech Trends Poll: You've Been Hacked, Now What?

NEW YORK, Feb. 14, 2013 /PRNewswire/ -- More than one in four (28 percent) of respondents surveyed report their organizations were the victims of at least one cyberattack in the past year; nine percent report multiple breaches, and an alarming 17 percent were not confident that their organizations could even detect an attack, according to a Deloitte Tech Trends poll of 1,749 business professionals.

(Logo: http://photos.prnewswire.com/prnh/20120803/MM52028LOGO-a)

(Logo: http://photos.prnewswire.com/prnh/20120803/MM52028LOGO-b)

"It's no longer a discussion about if an organization will get hacked, but only a matter of when, and how quickly and effectively it will respond," said Mark White, principal and chief technology officer, Deloitte Consulting LLP.  "Organizations across many industries need to change the lens through which they view cyber risk – not only relying on traditional security controls to reveal tell-tale signs of an effective attack – but by considering transforming the way they defend, detect and even manage security by leveraging cyber intelligence and advanced techniques to help identify the coming threat and proactively respond."

Additional findings from the poll include:

• Response times to identify and address breaches vary, with plenty of room for improvement.  Almost half (48 percent) of respondents polled said their organizations identified and triaged threats within hours, while approximately one in five (21 percent) reported their organizations did so within a week, and nearly one in 10 (9 percent) said it took more than a week.
• People, process and technology are ALL critical to cyber threat programs.  Respondents said the following concerned their organizations the most regarding their cyber threat programs: infrastructure and technology (28 percent); right talent/right skills (26 percent); effective operational processes (24 percent) and adequate resourcing/funding (22 percent).
• Consumer/personal information is highly valued by cyber criminals and organizations invest heavily trying to protect it.  Respondents put a high price tag on consumer/personal information, with approximately half (49 percent) reporting that this type of data would be of most value to cyber-criminals, followed by intellectual property (27 percent); corporate strategy information (13 percent) and financial performance information (11 percent).  Consistent with this data, more than half (55 percent) of respondents said their organizations most heavily invested in protecting consumer/personal information, followed by intellectual property (23 percent).

"Cyber security may sound technical in nature, but at its core it is a business issue. Any company's competitive position and financial health may be at stake. Business and technology leaders need to engage in effective dialog about what the business values most, how the company can drive a competitive advantage, and which information and other digital assets are the most sensitive. Brand, customer trust and strategic positioning may be at risk," said Kieran Norton, principal, Deloitte & Touche LLP and leader of Deloitte's U.S. cyber threat management practice. "There may be no such thing as hacker-proof, but there's a chance to reduce your cyber beacon, be less inviting to attack, and proactively establish outward- and inward-facing measures around your most valued assets."

Based on the Feb. 7 Deloitte Dbriefs webcast "If You Build It, They Will Come – And Try to Hack It," the results of the poll underscore the increasing importance of cyber intelligence highlighted in the "No Such Thing as Hacker-proof " chapter in Deloitte's 4^th Annual Tech Trends Report, "Elements of postdigital." The chapter is co-authored by Kieran Norton and Kelly Bissell, principal, Deloitte & Touche LLP and leader of Deloitte's information & technology risk management and global incident response practices.

About Deloitte's "Tech Trends" Dbriefs Webcast Poll

Deloitte polled 1,749 business professionals on Feb. 7, 2013, from industries, including financial services, health care, life sciences, retail, public sector, travel, consumer and industrial products, energy and resources, and technology, media and telecom during a Dbriefs webcast titled, "If You Build It, They Will Come – And Try to Hack It."  

About Deloitte Tech Trends

Deloitte's annual "Tech Trends" report identifies the 10 trends most likely to have an impact for CIOs in the coming year and beyond. Now in its fourth consecutive year, the predictions are based on insights from Deloitte's technology subject matter specialists, input from some of its largest clients, and discussions with industry analysts and alliance vendors. A digital copy of this year's complete report is available at www.deloitte.com/us/techtrends2013

As used in this document, "Deloitte" means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

SOURCE Deloitte