Cyber Risk Resilience - v7isacacuracao.com/.../10/Cyber-Risk-Resilience-Sheets.pdf ·...
Cyber Risk Resilience
Deloitte Dutch Caribbean, 13 October 2015
Mastering Leadership, Strategy and
Change in the Cyber Information Age
© Deloitte Dutch Caribbean 2015
Introductions
Mario Flores, Partner
Mario is a Partner at Deloitte Dutch Caribbean. He is
responsible for the Risk Advisory and Technology
Consulting departments.
Arjan Klunder, Manager
Arjan is a Manager at Deloitte Dutch Caribbean, and is
responsible for the Cyber Security strategy and
initiatives within Deloitte Dutch Caribbean.
Part 1: The need for resilience in this new Cyber Age
What are the new risks in this new Cyber Age and why do we need Cyber Risk Resilience?
Part 2: Obtaining Cyber Risk Resilience as an organization
How to obtain Cyber Risk Resilience to survive in this new Cyber Age
The need for resilience in this new Cyber Age
Arjan Klunder
What is this new Cyber Age?
Prehistoric ages: few inventions (Stone Age, Bronze Age, Iron Age)
Middle ages: various inventions (invention of mills, printing press, medicine)
Modern ages: many inventions (e.g. Industrial Age, Atomic Age, Space Age, computers, and the Internet)
Cyber Age: ?
[Figure: the same timeline of ages, plotted as technology advancement against time]
“Land was the raw material of the agricultural age. Iron was the raw material of the industrial age. Data is the raw material of the cyber age.” – Alec Ross
What is Cyber?
Our world and our society are becoming more and more digital, and at an ever faster pace!
Increased use of digital technology
The real world and the virtual world are blending
An enormous amount of data is being collected
How Target figured out a teen girl was pregnant before her father did
Source: How Target Figured Out A Teen Girl Was Pregnant Before Her Father Did, Forbes (2012)
Everything gets connected
“In 2018, Earth will be home to 7.6 billion people. By contrast, some 25 billion devices will by then be connected” – Kevin Ashton, 2009
The internet of things: The world is becoming hyper connected
Rapid adoption of new technologies and new business models
New technologies & applications
• Virtual reality
• 3D Printing (e.g. printed prototypes or hip replacements)
• Drones (e.g. postal packages being sent via drones)
• Smart Machines & Robotics
Technology enables new models
• Cloud computing (e.g. highly standardized global services)
• Social Media
• Data analytics driven business
Exponential growth
Sounds great this Cyber Age! What’s the catch?
New technologies mean new vulnerabilities
Hyper connectivity means being exposed
Devices connected to the internet in the Caribbean… Are they secure enough?
Who is targeting your organization?
[Figure: threat actors plotted by attacker determination and attacker sophistication: accidental discovery, malware, insider, lone hacker / hobbyist, business partner, ‘script kiddy’, disgruntled ex-employee, disgruntled customer, competitor, disgruntled ex-IT administrator, ‘hacktivism’, cyber terrorism, hacker collectives, organised crime, state-sponsored cyber warfare]
Targeted and Non-targeted attacks
Some thoughts
• Attackers and researchers scan every IP in the public domain daily;
• Non-targeted attacks can have significant impact;
• A majority of the security incidents are caused by non-targeted attacks;
• Non-targeted attacks can lead to targeted attacks.
Targeted Attacks
Focused on your day-to-day business activities, for example by:
• Cybercriminals: steal data, steal money, affect continuity
• Disgruntled employees: compromise systems from the inside
• Hacktivists: having moral reasons to attack
Non-Targeted Attacks
Mass-spread malware via email, websites and USB devices, aiming to:
• Infect systems/servers for botnets
• Encrypt data and force organizations to pay (ransomware)
• Create a stepping stone for a subsequent targeted attack
How big is the problem?
Source: The Global Risks Landscape 2015 (World Economic Forum)
How big is the problem?
TNO: “cybercrime costs at least 10 billion euros annually” or 1.5 to 2 percent of our
GDP, the cost is more in the region of 20 to 30 billion euros (McAfee, Symantec,
Eurostat, KLPD and Govcert.nl)
Ponemon Institute:
• 90% of US companies have been victim of a cyber attack in the last 12 months
• Nearly 60% reported two or more breaches in the last 12 months
• More than 50% stated they have little confidence of being able to stave off further attacks in the next 12 months
Private mailbox of Belgian prime minister hacked
Published: 31 May 2013 15:00
The private mailbox of Belgian Prime Minister Elio Di Rupo has been hacked. Unknown attackers broke into his account and made off with hundreds of the prime minister's e-mails, which they then sent to a Belgian newspaper.
The Belgian newspaper De Morgen reported this on Friday.
The newspaper received an anonymous piece of mail containing a CD-ROM onto which hundreds of old e-mails from Di Rupo had been burned. The e-mails date from 2004 through 2008, when the current Belgian prime minister was still leader of the Parti Socialiste.
Cyber attacks are increasing in numbers
The impact can be enormous
The threat landscape has changed
From: Hobby hackers
• Mostly small and simple attacks
• Simple viruses
• Not organized or coordinated
• Technical interest in vulnerabilities
To: Organized cyber crime and hackers
• Complex attacks
• Sophisticated malware (based on zero day exploits)
• Highly organized (e.g. hacker collectives, criminal organizations)
• Wide range of motives
The need for a paradigm shift towards cyber risk resilience
• Reactive → Proactive
• Static → Dynamic
• Preventative → Monitor, detect & respond
• Guarding the perimeter → Guarding the environment
• Closed / Keep out → Open / Connected
The need for a paradigm shift towards cyber risk resilience: 100% prevention is impossible. Resilience is needed!
• Perimeter based defense is obsolete. The days that you could passively protect your most valuable assets behind a big wall are over.
• In the hyper connected world, the doors in the wall are open for your people, partners and clients to access your environment. So just assume the danger will also get in.
• Although it isn’t possible for any organization to be 100% secure, it is possible to use a mix of processes for prevention, detection and response to keep cyber risk below an acceptable level.
• To be open and secure at the same time you need a proactive defense that not only tries to prevent an intrusion, but is able to detect it timely when it happens and then respond adequately.
• To be effective and well balanced, a cyber-defense must have three key characteristics. It needs to be secure, vigilant and resilient.
[Figure: level of security plotted against level of connectivity, from “closed and secure” to “open and vulnerable”, with cyber resilience as the compromise]
Being VIGILANT means having threat intelligence and situational awareness to anticipate and identify harmful behavior.
Being RESILIENT means being prepared and having the ability to recover from cyber incidents and minimize their impact.
Being SECURE means having risk-prioritized controls to defend critical assets against known and emerging threats.
Obtaining Cyber Risk Resilience as an organization
Mario Flores
How to obtain resilience?
The very innovations that drive business growth create first order cyber risks.
BUSINESS VALUE: Regulatory compliance, Growth / innovation, Operational efficiency, Risk management
GOVERNANCE: Identify top risks, align investments, develop an executive-led cyber risk program and adapt to changes in business strategies and threats
Secure Capabilities: Take a measured, risk-prioritized approach to defend against known and emerging threats
• Infrastructure security
• Data protection
• Identity and access management
Vigilance Capabilities: Develop situational awareness and threat intelligence to identify harmful behavior
• Threat intelligence
• Security operations
Resilience Capabilities: Have the ability to recover from and minimize the impact of cyber incidents
• Incident readiness
• Incident recovery
• Business resilience and recovery
A robust cyber risk program is integral to business success. While being “secure” is more important than ever, there is a growing need to be constantly “vigilant” and “resilient” in the face of shifting cyber threats.
• What is my risk appetite?
• What is my business strategy and related cyber risk?
• Who are my adversaries and their motives?
• What critical assets are they interested in?
• What tactics might my adversaries use to attack?
• What governance, processes and capabilities does my business need?
Cyber Incident Response: Resilience requires proper Incident Response capabilities
• Sets tone-at-the-top
• Aligns strategy with organizational goals
• Provides mechanism for cross-functional communication
• Avoids “tunnel vision” when planning response and recovery strategies
• Reduces adverse impact to business operations and revenue streams during incidents
• Aligns IR efforts with Security Management and IT engineering initiatives
• Create technology architecture that can rapidly adapt to and recover from cyber incidents
• Improve situational awareness
• Confirm applications are highly resistant to standard attack vectors
• Demonstrate alignment with obligations
• Embrace a risk-based approach that puts focus on high impact areas
• Strengthen organizational readiness for addressing regulator and law enforcement inquiries
• Protect revenue, IT, physical, and personal assets
• Respond to unplanned events with minimal disruption
• Plan for and recover from disruptions quickly, regardless of specific incident characteristics
• Develop a remediation plan that incorporates short and long term goals
• Close identified technical and business process gaps
• Monitor technology infrastructure for repeat events
Incident Response disciplines: Strategy, Governance, Business Operations, Technology, Remediation, Risk & Compliance
Organizations should perform activities within each of the six Incident Response disciplines to enable rapid adjustments during Incident Response situations that involve dynamic internal and external changes.
It starts by understanding your organizational risk appetite
Who might attack?
• Cyber criminals
• Hacktivists
• Nation states
• Malicious insiders
• Rogue suppliers
• Competitors
• Skilled individual hacker
What are they after and what key business risks must we mitigate?
• Sensitive data
• Financial fraud (e.g. wire transfer, payments)
• Business disruption (building systems, etc.)
• Threats to health & safety
What tactics might they use?
• Spear phishing, drive by download, etc.
• Software or hardware vulnerabilities
• Third party compromise
• Stolen credentials
• Control systems compromise
Starting your journey… but which road to take?
Five actionable moves: Increase your operational capabilities
• You constantly read about hacked companies. You know about an increase of sophisticated attacks. You’re aware that prevention on its own is no longer enough. Your board and stakeholders are expecting you to move ahead.
• You need to comply with policies and legislation and to be in sync with your risk management principles.
Proposed 5 next steps
1. Execute an agile gap analysis and create a roadmap
2. Design and implement a Target Operating Model
3. Roll out your initial operational capability
4. Run your first cyber simulation
5. Keep on building your maturity
1. Execute an agile gap analysis and create a roadmap: Understand where you are, where you’d like to be and what is needed to bridge the gaps
The first step: understand where you are, decide where you’d like to be and create an actionable roadmap to bridge the gaps.
1. Determination of the current state against a best practice Security Operations capability model (e.g. ISO 27000/1, CIP – Critical Infrastructure Protection, NIST Cybersecurity Framework, Standard of Good Practice, etc.)
2. Determination, in conjunction with your business objectives, of the future desired state
3. Identification of gaps per assessed area
4. Construction of a prioritized roadmap with people, processes and technology work packages, indicating priorities, addressed risks and estimated costs
2. Design and implement a Target Operating Model (TOM): Design how Security Operations will fit into the organization and provide value to the business
A Security Operations TOM is the blueprint for how your operational capability will bring value to your businesses, defining its position in the organization as well as the structure necessary to deliver value-adding security services. A TOM needs to be designed and implemented covering:
• People
• Processes and
• Technology
Aspects of the TOM should include:
• Security Operations Center (SOC) Governance
• Operational policies, procedures and technical instructions
• SOC service catalogue
• Job profiles and staff augmentation
Service Catalogue (1): A number of services underpin an Information Security Operating Model
Service Catalogue (2): A number of services underpin an Information Security Operating Model
3. Deploy your Initial Operational Capability: Security Operations need to fit into the organization and provide value to the business
Having understood the existing gaps and the supporting operating model, it’s time to build the necessary capabilities.
• Implement an initial capability, using one of the selected delivery methods: in-house, fully outsourced or hybrid. Outsourced and hybrid are considered managed services, whereas in-house is operated by the client.
• If required, outsource: have a custom and dedicated SOC implemented for you, in which a third party takes care of absolutely everything.
4. Run your first cyber simulation: Practice a major incident blending incident response and crisis management
Once your initial capability is in place, it’s time to put it to the test. There are no better lessons than those derived from real incidents, but real incidents are obviously unwanted. A professional cyber simulation can therefore be as valuable, without the negative effects of a real breach. The benefits of cyber simulation are multiple:
• Ability to improve the overall cyber defensive capabilities by executing a red and blue flag exercise, which will show the resilience level against different attacks, and the corresponding level of defensive capabilities
• Generate board level and business leader awareness on APT resilience
• Motivate teaming and enhance relations between different departments
• Create the foundation to connect incident response with crisis management, and connect both activities together
5. Continuously improve and elevate your maturity: From an initial operational to a fully operational capability
Security Operations is a journey. Therefore, there is a need to continuously adjust the capability level to the different threats and innovations of the relevant actors. This can be done in conjunction with the results of the gap analysis:
• People: Career management advisory, staff augmentation, training and in/outsourcing SOC functions.
• Processes and governance: Adjusting the services catalogue, designing and implementing new services, updating the procedure catalogue.
• Technology: Maintenance of existing technology and additions to the existing footprint, including security engineering efforts.
Security Maturity Planning: Understand where we are today and where we want to be in the future
[Figure: distribution of typical large global 2000 companies by level of security program maturity, from Not World-Class to World-Class, against relative security program maturity; labelled shares: 10%, 30%, 35%. Source: Gartner]
• No formalized security activities exist
• Ad hoc controls implemented over time
• Tasks are informal and uncoordinated
• Processes undefined and staff changes cause failures.
• Security processes are ad hoc, disconnected and disorganized
• Advocates exist but no formal program in place
• Limited but increasing acceptance of the need for a formal program
• Processes fully mature
• Investments and decisions are linked
• Stakeholders feedback used to adjust & improve as people, technology and bus. requirements change
• Part of culture and is an integral, inseparable part of operations & decision making
• Performance highly predictable
• Goals, practices, & performance metrics
• Processes formalized & implemented.
• Formal governance & compliance model exists
• Formal program vision outlined and mgt. buy-in secured
• Requirements & responsibilities defined
• Implementation initiated & gaps identified
• Comm. & education rolled out
Cyber Threat Intelligence
What is Cyber Threat Intelligence? Why do we need it?
• Organizations face challenges to keep track of the emerging threat landscape.
• Organizations lack process capabilities for taking timely action on the real-time intelligence.
• With emerging technologies, there is a proportional rise in complexity of managing cyber assets which creates several telltale security misconfigurations.
Cyber Threat Intelligence manages collecting, correlating, enriching and distributing actionable and proactive cyber intelligence data to help organizations put themselves in a defensive posture against emerging cyber threats.
What constitutes Intelligence
• Vulnerabilities and Exploits
  - Zero-day vulnerabilities
  - Popular attack surfaces
  - Exploit Kits
• Vendor notifications and Patches
  - Technologies and Popular Vendors
  - Advisories and Alerts
  - Patches, upgrades and security bulletins
• APT campaigns
  - Targeted attack patterns
  - Threat actors involved
  - Threat tactics, tools and malware
  - Vulnerabilities Exploited
  - Geographical region targeted
  - Profiles of the affected victims
• Independent Researcher’s works
  - Proof of Concept for Exploits
  - Discovery of Zero-day vulnerabilities
• Cyber Security Incidents
  - Data Breaches
  - Identity and financial thefts
  - Infiltration and Exfiltration attempts
• Malware activity and Traffic analysis
  - Latest malware proliferation
  - Infected platforms
  - Signatures and Hashes
  - Malware Authors
  - Source code
  - Geographical Expanse
  - Botnet and DDoS activity
  - Command and Control servers
• Underground Forums and IRC Channels
  - Discussions on hacking, malware
  - Identity data disclosure, doxes
  - Posts on Malware and Exploit kits
  - Sale of Identity and Financial data
  - Emerging Cybercrime-as-a-service groups
• Indicators of Compromise
  - Malicious IP addresses
  - Malicious Domains
  - IDS/IPS, Yara, etc., signatures
• Social Engineering and Phishing Campaigns
  - Ongoing Phishing and spam campaigns
  - Geographical regions
  - Spear-Phishing Emails
  - Phishing domains
Open Intelligence Sources: From Search engines to feeds
• Primary Search Engines: Google, Yahoo, Bing, Lycos, ...
• Country Specific Search Engines: Japanese and Chinese, Middle East, European, Latin American, Asia Pacific, ...
• Paste Sites, File Repositories and Data Leak sites: Pastebin, Anonfiles, QuickLeak, WikiLeak, ...
• Miscellaneous: Shodanhq, Robtex, Datalossdb, IP/Domain search sources, ...
• Security Researchers: Brian Krebs, Mikko Hypponen, Pierluigi Paganini, Antivirus Vendors
• Product Vendors: Microsoft, Cisco, Adobe, Java, ...
• Hackers and Cyber Criminals: lampeduza.net, rescator.net, toxic0de.net, maldev.net, ...
• Freelance Malware Analysts: Malwaredontneedcoffee, Kafeine, Malwaremustdie, Pwndizzle, ...
• Twitter: Security Researchers, Hackers, Hacktivist groups, Vendor Tweets, ...
• Feeds: Dark Reading, Sans ISC, The State of Security, Hackread, Exploit DB, CNET, USCERT, ICS CERT, Wired, The Register, Office of Inadequate Security, Trend Micro Simply Security, Krebs on Security, Information Week, ...
Threat Intelligence Framework: Actionable Intelligence
A comprehensive approach to maximize the value gained from collecting, correlating, enriching and distributing intelligence data
[Diagram labels: Technology Configuration Data; Infrastructure & Application Logs; External Cyber Threat Intelligence Feeds; Internal Threat Intelligence Feeds; Proactive Surveillance; Information Leakage Intelligence; Cyber Threat Intelligence Analysis; Threat Intelligence & Incident Reporting; Security, Fraud and Operational Risk Teams; Observe, Orient, Decide, Act]

• Commercial Feeds
• Law Enforcement
• Industry Associations
• Underground Forums
• Hash databases
• GEOIP data

• Honeynets
• Watch-list monitoring
• Vulnerability scanning
• Vulnerable web application monitoring
• Web page virus scanning
• BGP Hi-Jack monitoring
• DNS Poison monitoring

• Fraud investigations
• Security event data
• Security incident feeds
• Abuse mailbox info
• Vulnerability data
• Human intelligence

• Keyword Monitoring
• File Monitoring
• Monitoring of underground and criminal websites for confidential information
The OODA Cycle: Actionable Intelligence
[Diagram: OODA loop with the stages Observe, Orient, Decide, Act; labels: Monitoring and Collection (CTI, Internal Environment), Previous Experience, Correlate, New Intel, Analyze, Decision, Action, Implicit guidance and control]
Consider all angles:
Don’t overlook managing 3rd party risk
Third Party Risk: What is a third party?
• Any individual or entity, which is not a direct employee, which provides a product/service to, or on behalf of, the sourcing organization
• Typically managed at both the engagement and relationship levels
Extended enterprise/third-party landscape (Illustrative): Agents, Affiliates or subsidiaries, Joint ventures, Contractors, Vendors, Business partners, Government organizations, Law firms, Service providers
What Third Party Risks Should be Managed: possible inherent and unique risks
Risk category: Description
Inherent risk to the product/service
• Cyber risk: Ensuring confidentiality, integrity, availability of information assets
• Compliance/legal risk: Actions inconsistent with legal, policy or regulatory requirements
• Operations risk: Third-party failures resulting in impact to IT or business operations
• Contractual risk: Inability to deliver product/service to contractual requirements
• Business continuity risk: Inability to continue providing product/services
• Intellectual property risk: Inappropriate use of intellectual property by the third party
Risks unique to the third party
• Financial risk: Inability to meet contractual obligations due to financial difficulties
• Reputation risk: Third-party issues impacting organization’s brand and reputation
• Geopolitical risk: Region/country-specific factors affecting the third party/business
• Strategic risk: Third party not aligned with the organization’s strategic objectives
• Credit risk: Inability to make obligated payments
• Quality risk: Inability to deliver product/service in line with quality expectations
Conclusion
Critical Success Factors: Cyber Risk Response (CIR)
• Executive Crisis Management: Educate executives on crisis communication plans and their associated responsibilities. Setting tone at the top of organizational hierarchies has cascading impacts.
• Cyber Education: Prevent your plans from becoming “shelf ware” by training your CIR team periodically.
• Response Team: Carefully select CIR team members and confirm they have the requisite skills and experience to perform responsibilities outlined in the plan.
• Operations: Involve business operations in cyber Incident Response planning so that mission critical processes and systems are available when crises occur.
• Simulate the Event: Simulate realistic incidents regularly. By exercising the plan, organizations can build “muscle memory” and respond more effectively and consistently.
• Supported by Technology: Organizations should embrace technologies that enable operational resiliency and proactive detection and response capabilities.
• The Plan: Simple, flexible and distributed plans provide guidance to responsible parties throughout the organization. Understand where external help is needed and have contracts and capabilities in place beforehand.
• Legal, Risk, & Compliance: Determining legal, regulatory, and compliance issues in the midst of a crisis is a bad place to be. Prepare ahead and incorporate these considerations into the CIR plan.
You will be hacked: It is not a question of ‘if’ but ‘when’
You will be asked:
• Were you aware of the risk?
• Which measures did you take to prevent and manage this attack?
Your answer should be:
• Yes, I was aware of the risk
• Yes, I have taken the necessary measures. Including: penetration testing, patching, threat intelligence, awareness, etc.
• We were able to contain the impact because of our detect and respond capabilities
Questions & Discussion
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member
firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see www.deloitte.com/about for a more detailed description of DTTL
and its member firms.
Deloitte provides audit, consulting, financial advisory, risk management, tax and related services to public and private clients spanning multiple industries. With a globally connected network of member firms in
more than 150 countries and territories, Deloitte brings world-class capabilities and high-quality service to clients, delivering the insights they need to address their most complex business challenges. Deloitte’s
more than 210,000 professionals are committed to becoming the standard of excellence.
This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte network”) is, by means of this
communication, rendering professional advice or services. No entity in the Deloitte network shall be responsible for any loss whatsoever sustained by any person who relies on this communication
© 2015. For more information, contact Deloitte Touche Tohmatsu Limited.