Risk Technology

Things your company can learn from the Ashleigh Madison hack

Reputation is something you build over many years, it adds value to your brand and translates into shareholder value, studies have indicated that 75% of an average  corporation’s value is intangible. A tarnished reputation is therefore also something that can potentially destroy 75% of your corporation’s value in a blink of an eye!

Reputational value translates into greater profits and ultimately results in a sustainable business. In today’s global environment, the reliability, integrity and continued availability of an organisation’s information is a key determinant of its success. Recent studies have revealed that cyber-attacks, data breaches and security incidents feature in the top five risks to resiliency in 2015.

Do you really understand the cyber risk your company is facing and the associated reputational value risk?

An organisation’s reputational value consists of external and internal elements, market perceptions being the most prominent external element while unique intellectual property assets are the most valuable internal element.

The recent Ashleigh Madison hack is a perfect example of how a unique intellectual property asset (subscriber details) was exposed by a cyber-attack and the subsequent public reaction (market perception) to the attack.

With over 9,000 .co.za domains made public by the hackers, many of which belonged to well-known South African companies, the question is, do you really understand the cyber risk your company is facing and the associated reputational value risk?

Organisations need to follow a risk-based approach

By conducting a risk based reputational assessment, organisations are able to identify their internet footprint and exposure to potential threats. Identifying critical assets is a crucial step to understand what actions are necessary to defend against attacks. From an attacker’s point of view it is possible to analyse:

  • Internet domains, associated domains and Internet facing hosts;
  • Technology and hosting infrastructure vulnerabilities;
  • IP address geolocation and hosting provider assessment;
  • Employee identities and credentials available in cyber space; and
  • Evidence of compromise on existing Internet facing hosts, hosting facilities as well as exposure from internal networks

Contact us to engage in a workshop to assist with a roadmap to address deficiencies and improve your current cyber capabilities and maturity.

Henry Peens
Associate Director, Risk Advisory
Email: hpeens@deloitte.co.za
Tel: +27 (0)11 806 5625

 

About the author

deloittesa

Leave a Comment