Danny McCance 9 May 2018 10:52am

Deloitte to boost cyber security by £428m

The Big Four firm was the victim of a significant cyber attack last year

Over the next three years Deloitte will spend $580m (£428m) on improving its cyber security capability.

The firm’s European practice also aims to hire 500 new staff to work across cyber security by the end of 2018, according to the Financial Times (FT).

Deloitte suffered a cyber attack in September 2017 with reports suggesting as many as 350 of its clients were affected. Initially the firm claimed that only “very few” of its clients’ information had been impacted. It launched an internal review into the breach.

The increase in cyber defence comes amid rising pressure on firms and businesses to protect client data as the General Data Protection Regulation (GDPR) 25 May deadline approaches.

Under the new regulation organisations guilty of an infringement could be liable to pay 4% of turnover or €20m (£17.5m).

Larry Quinlan, Deloitte’s chief information officer, told the FT that “cyber threat management is a fundamental part of doing business today” and that threats were “evolving and persistent”.

He said it required not just the right technology and infrastructure, but also correct behaviour.

In March the firm appointed Rob Wainwright as a senior partner in its European cyber security practice.

Wainwright formerly spent nine years at EU agency Europol where, as an executive director, he was responsible for police and intelligence cooperation between Europe and the US regarding financial and cyber crime.

Deloitte is not the only Big Four firm to increase its cyber security capability recently. In January, KPMG appointed David Ferbache, former head of cyber policy and plans at the Ministry of Defence, as chief technology officer in its UK cyber security practice.

Last month, reports suggested that nearly one in four (23%) finance businesses don’t know if, or don’t expect they will be ready for the GDPR deadline.