Risk Technology

Things your company can learn from the Ashleigh Madison hack

Reputation is something you build over many years, it adds value to your brand and translates into shareholder value, studies have indicated that 75% of an average  corporation’s value is intangible. A tarnished reputation is therefore also something that can potentially destroy 75% of your corporation’s value in a blink of an eye!

Reputational value translates into greater profits and ultimately results in a sustainable business. In today’s global environment, the reliability, integrity and continued availability of an organisation’s information is a key determinant of its success. Recent studies have revealed that cyber-attacks, data breaches and security incidents feature in the top five risks to resiliency in 2015.

Do you really understand the cyber risk your company is facing and the associated reputational value risk?

An organisation’s reputational value consists of external and internal elements, market perceptions being the most prominent external element while unique intellectual property assets are the most valuable internal element.

The recent Ashleigh Madison hack is a perfect example of how a unique intellectual property asset (subscriber details) was exposed by a cyber-attack and the subsequent public reaction (market perception) to the attack.

With over 9,000 .co.za domains made public by the hackers, many of which belonged to well-known South African companies, the question is, do you really understand the cyber risk your company is facing and the associated reputational value risk?

Organisations need to follow a risk-based approach

By conducting a risk based reputational assessment, organisations are able to identify their internet footprint and exposure to potential threats. Identifying critical assets is a crucial step to understand what actions are necessary to defend against attacks. From an attacker’s point of view it is possible to analyse:

  • Internet domains, associated domains and Internet facing hosts;
  • Technology and hosting infrastructure vulnerabilities;
  • IP address geolocation and hosting provider assessment;
  • Employee identities and credentials available in cyber space; and
  • Evidence of compromise on existing Internet facing hosts, hosting facilities as well as exposure from internal networks

Contact us to engage in a workshop to assist with a roadmap to address deficiencies and improve your current cyber capabilities and maturity.

Henry Peens
Associate Director, Risk Advisory
Email: hpeens@deloitte.co.za
Tel: +27 (0)11 806 5625

 

About the author

Deloitte South Africa

Deloitte is one of the country’s leading professional services firms in Southern Africa, and is dedicated to assisting companies succeed in the business environment- whether it be through our tax, audit, consulting or financial advisory services.

At Deloitte, we understand that solutions are not just a static one dimensional report, but rather, an integrated and innovative answer that helps our clients to better understand key complex industry issues. Not only do our solutions assist our clients in making strategic business decisions, but our unique approach also allows companies to succeed in a competitive business environment by staying ahead of industry trends. Through the collective expertise of nearly 3600 people in 8 cities in South Africa and in 16 cities in Southern Africa, and as a member firm of the global organisation Deloitte Touche Tohmats, we have access to deep insightful and intellectual capital of more than 150 000 people worldwide.

Deloitte- A Culture of Excellence
A key contributor to Deloitte and our culture is the development of human capital. At Deloitte we believe in investing in our culture, in our clients and in our people. The very essence of Deloitte is to offer services of excellence, to both clients and staff, and we believe that it is this culture of excellence that will help us succeed.

Leave a Comment