United States

Executive summary: Cybersecurity and data breach preparedness


Download executive summary

As hackers become more advanced, organizations must increase their focus on cybersecurity to protect sensitive data and systems. No organization, regardless of size or industry, is immune to cyberattacks, and just one breach could cause significant financial, reputational or regulatory consequences. However, an effective control environment can reduce the likelihood of a breach, enhance incident detection and response, and accelerate recovery efforts to limit damage.

While many organizations think they may not have the type of data hackers seek, the reality is all information has value. Implementing the right security controls can help deter hackers, but the three distinct disciples each require their own focus.

Preventive controls keep incidents from occurring and deter unauthorized access. Preventive controls seek to secure the perimeter, but with technology such as the cloud and remote access, organizations must expand controls beyond traditional boundaries.

Detective controls help to monitor and alert the organization of malicious and unauthorized activity. Infiltration is typically the focus of detective controls; however, these controls can be implemented at any stage in the attack life cycle to increase data security.

Corrective controls are designed to limit the scope of an incident and mitigate unauthorized activity. Many organizations view corrective controls as solely technical, but they can also be physical, procedural, legal or regulatory in nature.

There is no one-size-fits-all approach to applying security controls. However, implementing the right strategy can make an organization more difficult for hackers to exploit and limit potential damage.


How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.

Rapid Assessment®

Complete our Rapid Assessment form to be contacted about receiving our "quick-hit" diagnostic of your critical areas of operations.




Getting past the sound and fury of security

  • May 18, 2017


AML and regulatory compliance webcast series—Spring 2017

  • April 25, 2017


ERP implementation risks and their impact on your organization

  • March 29, 2017


2017 cybersecurity outlook and key considerations for nonprofits

  • January 31, 2017


2017 economic and risk outlook

  • January 09, 2017