Enterprise Risk Services blog

The world of rugby underwent a major transition at the turn of the millennium, as the shift in culture following the professionalisation of the game in the mid-90s started to take root. 

Phil de-Glanville, former England rugby captain and a player who straddled both the amateur and professional era, talked Deloitte through some of the changes that started to occur as the drive to enhance performance created a desire to deconstruct, measure and improve. 

Speaking of his time with England:  “Sir Clive Woodward broke the game down into components, very specific parts.  It wasn’t just forwards and backs, he also looked at defence, kicking, and ultimately developed a view of how each individual player should contribute.  He wanted to make everything measurable and work out how to improve even the smallest component.  Defending particularly improved massively as a result.”

This deconstruction of the thing which you are trying to improve is the start.  The next step is to represent the relationship between all the components in data - so that each component can be tweaked, and the impact tested against a baseline.  For true data-driven thinking, this is a must-do.

Michael Bourne, who is now Head of Science and Medicine for the England and Wales Cricket Board (ECB), having previously held the role of National Lead for Performance Analysis at the ECB, explains how he tackles this challenge:  “I build a model of the sport to find the factors which explain the outcome. In the first instance this would be theoretical modelling of the first principles of the sport. You use a hierarchical model where you take a discipline and you define mathematically what it takes to, for example, throw a javelin 90 metres, or run a 100m in less than 10 seconds. You use this model to work out where your interventions are necessary [i.e. where you will try to make a change] and what data you need to collect to explain that particular part of the model.”

In a business context this might involve modelling the relationship between different departments, as a simple example: if the sales team increase their efforts, what impact does that have on the inbound call centre?  It is impossible to make an informed decision about a change to strategy in one division, if you do not understand its impact on another. 

“In a hierarchical model you know the inter-relationships of all of the factors. In long jump for example, you would know the direct impact on distance jumped if you increased your run- up speed by 2 metres per second, and you would also seek to understand what positive or negative effects increasing run up by this speed may have on other factors. In more linear sports like rowing or cycling you can do this mathematically. In more complex sports like football or rugby you work on more logical principles which you can confirm using statistics.”

It is with this model, and the underlying data supporting it, that you can begin to chip away at the cultural barriers to data-driven thinking, and start to break down a reliance on the HiPPO.

Michael Bourne: “When I used to work in Olympic sports there was a belief that Judo champions needed a minimum of 4 techniques in 4 directions, but when you go back and analyse previous champions, they often only had 1-2 techniques in 1-2 directions. They were so efficient that that was all they needed, contrary to the opinions of many.”

But Bourne points out that there is not necessarily a one-size-fits-all model for a given sport, it is important to understand the specific metrics which pertain to your team’s situation
“You can’t take a non-representative dataset and try to extrapolate that out into the wider population. One example in cricket would be looking at how Australia played when they dominated world cricket. Their process and methods may not be the best way to do things for English cricket, as many things are specific to Australian cricket [for example weather and pitch conditions] and aren’t representative of the English game.”

Many businesses do not truly understand the interrelationships between the various component parts of their operations, and consequently when seeking to make changes they often make decisions based on their instincts or anecdotal evidence, or experience of another organisation which may not be relevant.  To properly answer questions such as “why do we keep sending incorrect bills to our customers?” or “how can I reduce inbound calls to my contact centre?” requires a model to be built which reflects all the factors which might impact upon that outcome.  With this up-front investment, optimising operations is hugely facilitated.

David Blackwell
David is a Partner in Deloitte’s Enterprise Risk Services practice specialising in data analytics, data management and cyber security.  David has worked with many of the UK and Europe’s leading Telecoms organisations, and has deep expertise in helping them secure, manage and derive insight from their data.
Linkedin

Fund managers shepherd highly-valuable assets on behalf of their clients and their business models ensure financial assets like equities and bonds are kept safely. 

So, is enough attention paid to the protection of their non-financial assets?

They say that information is power, and I’ve always thought that it’s particularly true in fund management.  The very core of the business is about gathering information, analysing it and turning it into market-beating performance.  ‘Inside information’ is so powerful that people go to prison when it’s in the wrong place.  Many houses refer to their investment functions as ‘manufacturing’, but there’s no stock and no factory - information is the raw material and the output.  This really is the peak of the ‘information economy’.

So, the one business that should recognise that information is worth protecting should be the fund management business.  Last week I ran a briefing session for Non-Executive Directors (NEDs) from the fund management sector, and was pleasantly surprised to see that this is very true for those charged with providing governance over these firms.  NEDs recognised the risks of handling information like live portfolio information, electronic payment instructions, and clients’ personal information.

In the briefing we talked about the new shape of the cyber threat – and I was a little taken aback by the level of engagement.  It’s worth thinking about why I was so pleasantly surprised.

In the past I’ve heard fund managers decide not to prioritise cyber security on several grounds:

• “This sounds like science-fiction”
• “We’re not a high profile brand, so not an attractive target”
• “I’m not an investment bank, I haven’t got the resources to beat them”

During the discussion it came out that one London-based house trained its staff on this subject by attempting to value a memory card (like those in a mobile phone or a camera) containing their retail client database.  Identity thieves will pay big money for personal information – and given that these databases usually hold bank account and “know your customer” information for many high net worth individuals, they’re an attractive target.  So attractive, this house reckoned, that their little memory card was more valuable per square centimetre than the Mona Lisa.

So it’s likely that an economically rational fraudster will one day target that database, the systems that transfer billions of pounds (whether executed by an outsourced provider or not), or even pre-trade information that can be easily monetised in the market in a determined way.

But this has been true for a few years, so what’s changed?  In our discussion we focussed on criminal gangs who are skilled, resourced and determined.  These are part of the new internet threat that has to some extent replaced the ‘old’ threats of viruses written by loners pursuing only cyber-kudos from their peers.  So how does the new cyber threat relate to those risk attitudes I mentioned earlier?  Here’s my view:

• This is real and it’s happening now.  There are plenty of doom-merchants trying to scare people, but there is at minimum - a kernel of truth here.  Firms are being attacked, and they don’t speak about it for fear of client redemptions.
• A high profile brand might mean that casual attacks are more likely, but organised criminals are willing to do fieldwork.  They look past the first few results on Google, and will target organisations that are less likely to go public about problems and who are less likely to pursue them to the courts
• In any case, the likelihood may be debatable, but fund managers will be just as out-of-a-job as anyone else after a successful attack.
• Even the world’s largest investment banks admit that they can’t stop the criminals getting through every time.  Increasingly, efforts are turning towards effective preparation for and response to breaches.  This levels the playing field with criminals going for the firms that can’t act quickly and decisively when things go wrong.

Imagine the Mona Lisa left on a bench in a London street - it wouldn’t stay there for very long.  It dawned on our group that every day firms expect internet criminals (not to mention all their employees and contractors) to simply walk past assets a lot like these and not be tempted. 

Jon Pumfleet
Jon is a Director in Deloitte’s Enterprise Risk Services practice.  Jon is an Asset Management technology risk specialist, having previously been Head of Technology Risk for a leading UK fund manager for over six years.  He has led operational risk programmes covering 3rd party management, procurement, business continuity, project assurance and security.
LinkedIn

Last week we saw Financial Fraud Action release their 2012 annual fraud figures for the UK banking industry. Two of the stand-out figures relate to the online channel:

- Online banking fraud rose 12 per cent, reversing the pattern of declining losses since 2009;
- Losses on card-not-present transactions rose 11 per cent, the highest in three years, albeit in the context of increased online spending.

These figures represent only a partial view of the overall picture, but they are nonetheless a useful indicator of wider trends across financial services and beyond. Fraud enabled and perpetrated through online channels is once again on the rise, but what are the stories behind these numbers? I have identified four key factors:

1. Low barriers to entry
The online fraud supply chain has become increasingly commoditised. Malware code, infected devices, phishing kits, compromised credentials and mule networks are all available as services to be purchased by growing numbers of less skilled and experienced fraudsters, contributing to the rise in attacks.

2. Few deterrents
Successful prosecutions of the individuals involved in online fraud remain few and far between and stolen funds are rarely recovered. This means that online fraud remains an attractive business.

3. Sophistication and scale
2012 saw record numbers of phishing attacks targeting financial services organisations, with fraudsters seeking to compromise a wide range of personal data from customers. At the same time, malware targeting online services is becoming increasingly sophisticated, with fraudsters rapidly adapting to any changes in the control environment.

4. Wider focus, new targets
I believe that previous successes in mitigating online fraud, particularly in the large retail banks, have forced fraudsters to search for new organisations and online services that are most vulnerable to targeted attacks. In financial services, this means online banking for commercial and corporate customers; building societies and regional banks with online banking; and emerging mobile banking and mobile payments services. However, the reported rise in online banking fraud is indicative of a wider trend, impacting not just banks, but retailers and gaming businesses with online and mobile commerce channels too.

It is important to remember that financial losses are just one part of the impact of online fraud.. The British Retail Consortium estimates that retailers suffered online fraud losses of £77m in 2011-12, yet total costs, as a result of investments in improved security, the erosion of customer trust and lost revenue, were considerably higher.

The growing sophistication of digital fraud threats continues to outpace traditional fraud management controls.  This, combined with the widening focus of attacks, threatens the ability of many organisations to effectively protect themselves and their customers. Given the speed with which attacks can be perpetrated, it is essential that timely and appropriate action is taken by organisations to avoid the consequences of digital fraud, including considerable financial losses and costly reputational damage.

Stephen Nicholls
Stephen specialises in digital fraud prevention. He offers a detailed understanding of business processes and drivers combined with an in-depth knowledge of the digital fraud threats facing financial services and consumer business organisations and an up-to-date perspective on current and emerging market trends
Linkedin

LTE is truly upon us, with the recently launched Deloitte Telecoms Predictions forecasting that there will be over 200 million LTE subscribers by the end of this year.  But will they using their devices in a discernibly different manner?  Will LTE be the same stuff, faster, or will an LTE “killer app” differentiate it from current 3G offerings?

In the late 90s and early 2000s, there was much debate about what the killer app for 3G would be.  3G offered vast performance improvements over the existing capabilities, but in reality it was a technology solution looking for a problem to solve, despite £22.47bn having been spent by UK operators on licences.  Many observers agreed that either pornography or gambling would be the killer app for 3G. That suitable handsets would be available to make content consumable was taken for granted, but arguably the killer app for 3G was the launch of the 3G iPhone in the summer of 2008, some eight years after the UK licence sales. 

The iPhone’s form factor enabled users to comfortably consume data in large quantities in a truly mobile manner.  After years of cutting prices to encourage data usage, the iPhone-induced data demand meant operators had to invest considerable sums to ensure their networks kept pace, despite prices being charged for data not necessarily reflecting this additional expenditure.
So what of LTE?  Does it require a killer app to take off?  Probably not. 

Mobile data is now an everyday part of life.  As a consequence, mobile operators are upgrading their networks to LTE a) because the cost of providing data over LTE is considerably cheaper than over 3G and b) to keep pace with rivals.  Video streaming will be better over LTE – but it’s often acceptable over 3G.  Cloud services will be better, as retrieving content from the cloud (such as music) will be faster – but again it’s currently something that mobile users already do over 3G.
Plus of course users have become accustomed to downloading larger volumes of data to their devices prior to venturing out or using wi-fi hotspots (particularly those not paying for eat all you can data bundles).

This is borne out in research undertaken in countries with more mature LTE deployments (such as Sweden and the US): LTE users are on average consuming more mobile data than 3G users – more video streaming, more web browsing, downloading larger files – but they are not doing anything different.  Perhaps the biggest clue is in the name. LTE = Long Term Evolution.  Evolution, not revolution.

George Johnston
George is a Director in Deloitte’s Enterprise Risk Services practice, specialising in the Telecommunications industry. George has a particular focus on information management and data analytics, and has worked with leading operators across EMEA to help them understand, manage and obtain value from their data on a wide range of transformational programmes.
Linkedin | Twitter

Today the average ethical hacker (or penetration tester) skillset is a lot more complex than “breaking into networks”.  This was an evolution and a response to the changing landscape of security. When I started, not once did I think I would find myself pretending to be someone I’m not, using pin-hole cameras, Neuro-linguistic Programing (NLP) and lock-picking as  part of my skillset. – I honestly thought I was a computer guy!

The rapid pace of change in the way organisations do business has developed new models, new services and new products that sometimes we wouldn’t have thought a decade ago.  As a side effect, this evolution however has also changed the playing field for criminal organisations  and has generated not only an amazing new way of doing business, communicating and going about our daily lives but also has provided  new opportunities for theft and fraud.

In the present day, Information has moved away from IT as much as Hacking has moved away from the classic portrayal of Mathew Broderick as the teenage hacker in the movie “War Games” or Angelina Jolie in “Hackers”. Today hacking is a multi-billion criminal industry, where you can buy bot-nets in bundles of hundreds and thousands, and subversive click-to-hack exploit kits that require no technical knowledge. 

There is an established pattern of organised crime focusing towards the human element in order to reach to the Holy Grail of Information, via sometimes evading traditional IT defences altogether, such as using social engineering techniques like Phishing.

However as cybercrime is becoming more involved and sophisticated so is cyber security.  It has become apparent that static, defensive measures, whilst important, no longer provide sufficient protection to address these dynamic, targeted threats to an organisation’s physical assets or digital information; we need to start engaging in what we could call a “cyber security transformation”.  By taking advantage of emerging and maturing techniques and technologies along with specialised skillsets we can improve our security posture as businesses by allowing for more proactive threat management and incident response.

It may sound complicated but we simply need to start thinking along with the three pillars of cyber security transformation:

• Awareness - Real time threat intelligence, identifying existing vulnerabilities and continuous  monitoring and service improvement.

• Preparedness – Being able to anticipate, assess, plan and prepare for a cyber-attack.

• Response –Attacks will happen. How do we respond, contain and manage the impact?

Ari Davies
Ari is a Senior Manager within Enterprise Risk Services with over 12 years of information security and ethical hacking experience.  Ari is an experienced penetration testing consultant and engagement manager with notable experience in extensive and complex multi-tiered security engagements as well as an extensive background in security operations. LinkedIn

In less than 300 seconds you can experience the speed and intensity of a cyber attack. Today companies can defend themselves, taking control of the situation -- effectively fighting back. Are you prepared?

The FSA wrote to CEOs of Asset Managers in December to say that firms weren’t always realistic about outsourced service provider risk.   They said firms would be in real trouble should a big provider of investment operations or transfer agency go bust.  Broadly this seems fair - the likelihood and impact of such an event could be off the scale in most firms’ risk management processes and as a result, many firms are struggling to see a credible solution to the regulators’ concerns.  The reality is that the regulator will press this issue, and there are some subtleties that may be worth thinking about to both satisfy the requirement and to actually give firms an edge.

Here’s what firms are currently saying:

• “There’s a reason the work was outsourced in the first place”.  Retaining an ability to exercise “step-in” rights or in-source the function quickly defeats the business case for outsourcing.
• “Oversight has to focus on delivery not risk”.  Firms meet providers regularly and get Management Information (MI) on service delivery.  They often skimp on risk because vendors are shy about internal operational risk and clients can’t do much about it.
• “Investment firms have little leverage”.  Providers are typically large global banks.  Most firms have little or no commercial leverage, so expecting these players to adjust their operating models or to expose internal MI is unrealistic.  Even where contractual “step in” rights exist, many people agree they’re hard to enforce.
• “It’s like deck chairs on the Titanic”.  A provider failure would either be caused by – or would cause - major market disruption.  Firms may stop trading after declaring a chaotic market.  Besides, our peers would be equally troubled, so there’s little competitive advantage to be gained.
• “We’ll club together with other firms”.  These organisations have many clients.  Between us we could step in and recover.

So the argument goes that if outsourcing is effectively prohibited, that’s fine – but clients will experience higher fees and get a less resilient service.  That can’t be what the regulator wants, right? In response, the regulator might say:

• “You haven’t outsourced the risk”.  It’s an old one but a good one.  If the new model has new risks, they need managing – and remember the firm has chosen to be in this situation.
• “Oversight is different from risk management”.  Those who monitor providers’ services are typically incentivised by service delivery, not risk management.  So this can’t be about silos – the support, assurance and risk functions need to line up around this one.
• “The business model and environment have changed”.  The sector has outsourced a lot in the last decade, and we know big providers can go ‘pop’ (the regulator may be less averse to this than in the past).  There are few firms who can demonstrate an ability to deal with the combination of those two changes.
• “Limited commercial power doesn’t excuse inaction”.  There are still things you can do to prepare, predict and react.  Not all firms will be affected in the same way - there may be good opportunities to harvest FUM from failed competitors.

So where does this leave the CEOs who have to respond to this letter?  The regulator’s position is likely to evolve – but we know enough to give existing BAU and change efforts something to think about:

•  Narrow responses won’t work.  Vendor managers, BCP, Op Risk and others need to join up.  Solutions from each of these functions alone are likely to be incomplete.
• It’s not all about the big players.  Many firms may be surprised by how a ‘middle tier’ of vendors is critical.  This may include smaller unregulated firms like datacentre providers.  They’re more likely to fail, get less oversight, and could create the same client outcome, i.e. big redemptions.  This is where the outsourced risk is both credible and manageable.
• It doesn’t have to be reactive.  Some firms use formal ‘early warning’ indicators for the financial viability of their providers.  Although a rushed in-source or switch is still unattractive, early detection could provide valuable time to act.

Jon Pumfleet
Jon is a Director in Deloitte’s Enterprise Risk Services practice.  Jon is an Asset Management technology risk specialist, having previously been Head of Technology Risk for a leading UK fund manager for over six years.  He has led operational risk programmes covering 3^rd party management, procurement, business continuity, project assurance and security.
LinkedIn

The United Nations recently reported that there are now 6 billion mobile phone subscribers in the world.  6 billion; nearly one for every man, woman and child on the planet.  Of these, one billion are smartphones, devices which have captured our imagination and are increasingly our gateway to our digital lifestyles.

As with most prominent technologies, smartphones have evolved significantly to provide a vast array of communications, entertainment, information and productivity facilities.  The next wave of innovation is predicted to be the ability to make payments – I say predicted, on some networks and handsets, this facility has already arrived.

The predictions do however, point to a significant increase in the deployment and uptake of mobile payment services, across a number of competing technologies and business models.  By the end of 2012, Gartner is predicting that over $175bn of payments will have been initiated by mobile devices3 and by 2017 Juniper predicts this figure to rise to $730bn.  At the forefront of this growth is Near Field Communication or NFC-based mobile payments, but can also include app based peer-to-peer payment services such as Barclays’ PingIt and M-Pesa in Africa, and QR-based services such as the Starbucks’ in-house payment application.

Clearly, as the use of physical cash declines and card use matures, the natural alternative channel will be the smartphone – this transition is almost inevitable and the opportunities for different players to capture and shape the market are there for the taking.  However the mobile payments space in 2012 presents a potent combination of new and potentially damaging risks.

From a macro perspective, the mobile payments sector is unique as it involves the close collaboration of previously unconnected industries. Retailers, mobile operators, handset and SIM card manufacturers, banks and card payment networks will be required to work together to create a complex ecosystem which contains vastly different objectives, requirements, cultures and experience.  In setting up a mobile payments service, each player has a number of strategic options to pursue.  Do they go it alone or work on a niche offering with one or two other organisations? 

Do they participate in a broader offering such as the US mobile operator joint venture ISIS or the UK’s version, Weve?  How will value be derived from the business model, particularly on the assumption that consumers are not willing to pay more for goods and services simply through choosing to pay with their mobile?  Once a decision is made, what is the regulatory impact of this decision?  These are key questions that clients from across these sectors should be asking themselves at the outset.

From a technology point of view, the risks in establishing a mobile payments ecosystem are immense.  New data sets will need to be owned, governed and securely stored, in line with all relevant information privacy and protection requirements.  Front and back-end technology will need to be completely secure, something which has unfortunately recently impacted Google’s Wallet offering.

The ability to detect and mitigate fraud should also feature prominently in all considerations.  Lastly, as with any large scale implementation, deploying technology to enable mobile payment services presents significant risk, particularly in the context of the different ecosystem players and the complexities of managing different supplier and customer stakeholders.

From a business perspective, there are of course obvious risks in terms of integrating mobile payments services and processes into existing operations, such as finance, procurement and HR.  New mobile payments offerings will need to be governed appropriately, with the right policies and procedures underpinning a risk management and governance framework which will ensure minimal disruption during transition into BAU.

An effective risk management strategy, across the entire risk landscape and managed at each stage of the evolutionary process, should reap significant rewards for any organisation intending to operate in the mobile payments space, ensuring that businesses go to market in a controlled, risk-aware and secure fashion.  The opportunities presented by mobile payments and enabling technologies, to engage and inspire the 6 billion global subscriber base are limitless.  How will these be balanced with risk?

David Blackwell
David is a Partner in Deloitte’s Enterprise Risk Services practice specialising in data analytics, data management and cyber security.  David has worked with many of the UK and Europe’s leading Telecoms organisations, and has deep expertise in helping them secure, manage and derive insight from their data.
Linkedin

Banks’ most valuable physical assets are kept in vaults. Reserves of cash, gold and other valuables are locked behind imposing metal and concrete walls, with state of the art locks and alarm systems. They are hard to break into and a great amount of money is spent in outthinking thieves’ ways to break in. Compare this approach with protecting a brand – arguably, most companies’ most valuable asset.  Like banks with their vaults, companies spend huge sums of money building their brands. Once banks have filled their vaults, they use security staff and sophisticated technology to protect their assets.  Companies sometimes forget how important this is: they invest in campaigns, but forget to hire ‘guard dogs’ and buy ‘alarm systems’ to protect their brand. This error can be costly – but to understand this cost we need to look at how brand value is calculated.

There are two common metrics used in measuring the effectiveness of marketing and branding campaigns. The first is monetary return on investment (ROI) for companies to evaluate the bang they get for their bucks. Money certainly talks but with social media and the phenomenal growth of speed of communication, a campaign can be far-reaching but also harder to measure its wider-impact. A recent article in Forbes highlights the importance of the softer metric of Return of Impression; measures of this include the number of people who see your ad, their engagement on social media sites and most importantly consumer perceptions of the brand.

Brands are emotional and are built by consumers’ experience, thoughts and feelings towards a brand. If companies are not measuring these softer metrics, they will be in the near future and with direct advertising spend in the UK at £16 billion, marketing and branding represents a huge spend by companies, particularly those looking to engage a consumer base.

Yet despite this spend, many companies have seen their brand value slip, some more dramatically than others. While it has been environmental disasters, whistleblowers and employee scandals that have grabbed the headlines in recent years, there have been companies that have struggled with their brand identity as disjointed marketing campaigns and confused messages have affected their bottom line as consumers turn away from them.

Brands can take years to build, are expensive and high-maintenance but brand damage can in hours or days lay to waste the best-laid brands. With so much investment in advertising, PR and customer insight, the large majority of companies have very little provisions in place to protect their most expensive asset.

While they see the value in tracking the effectiveness of their marketing through the Return of Impressions, very few are taking care to track and prevent the threat of an unfavourable news report, viral video or product recall and its impression on current and potential customers and clients. Social media engagement is becoming increasingly popular amongst companies to engage with consumers.  This is a good example of brand defence, but it is just another Maginot Line if not incorporated into a wider brand risk and resilience strategy.

Largely, brand risks are outside of an organisation’s direct control, even those from within the company. Attacks from outside sources are often purposeful and menacing but individuals within the company, who mean no intentional harm, may inflict just as much damage. A confidential email forwarded to the wrong person or a CEO’s snide remark that’s secretly recorded may damage brand equity just as much as dissatisfied customers.

Companies can implement strategies to mitigate the threat of brand damage: planning for worst case scenarios, being proactive in engaging employees to monitor both internal and external threats and learning and adapting from how organisations respond to brand threats to learn what works and what does not all will significantly increase a company’s brand risk.

Marketing campaigns of global giants are frequently slickly executed, highly monitored with plenty of prior-planning. If this same focus was applied to protecting what companies have invested so much to build, companies would be able to spend more time cultivating their brands, rather than digging them out of the dirt of another PR disaster and having to expensively re-grow their brand’s reputation.

Jack Trewin
Jack is a Consultant in Deloitte’s Enterprise Risk Services practice.  Jack is a data specialist, with a focus on analytics and visualising data to deliver data insights.  He has extensive experience providing primary-research services across various industries to financial investors, including hedge funds and mutual funds with event driven investment strategies.
                                      LinkedIn

The cultural shift towards harnessing big data sets can be as hands-on as raising a small child, but there a three baby steps you can take to help drive the change.

Big data is the hottest of hot topics at the moment: The confluence of vast, untapped data with mega-computing power has analysts, technologists, and future-gazers frothing with excitement at the possibilities. From predicting the exact moment a customer might want to buy a new toothbrush, to understanding all the factors that might cause a big, complex oil drilling platform to fail in the North Sea -- big data is the answer.

To read the full article visit: Big Data Republic

David Blackwell
David is a Partner in Deloitte’s Enterprise Risk Services practice specialising in data analytics, data management and cyber security.  David has worked with many of the UK and Europe’s leading Telecoms organisations, and has deep expertise in helping them secure, manage and derive insight from their data.
LinkedIn