SlideShare une entreprise Scribd logo

Information Security - Whats hot for 2012 - Jared Carstensen

J
jaredcarst

A look into the top threats and topics in Information Security for 2012.

Technologie
1  sur  11
What’s Hot in Information Security - 2012 Jared Carstensen SSCP, CISSP, CRISC, CCSK Security & Forensics Deloitte jcarstensen@deloitte.ie
Hot Topics - 2011 Looking Back – What was featured for 2011 • Social Networking – increase in threats and online defamation cases • Growth in e-Discovery cases and solutions • Protecting data at the data layer (Wikileaks)– DLP tools • Smart Phones and risks involved (iPhone proliferation) • Malware for Cyber warfare (Stuxnet) • Online transactions security (customer end point security) • Virtualized environments – security implications • Cloud Computing & security implications Last year saw an unprecedented level of Data Breaches, Hacks, and high profile security related incidents including Sony, RSA, Epsilon, TripAdvisor, United Nations etc. 2 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
Hot Topics - 2012 Looking Forward – What lies ahead for 2012 • Cloud Security • Cyber Warfare and Cyber Security initiatives • End to End eDiscovery • iPhones / iPads / Smart devices Security • Advanced Persistent Threats 3 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
Cloud Security – Here to Stay Cloud Security will remain a hotly debated and dominant feature in 2012. With Cloud adoption continuing to increase both here in Ireland and Internationally, the following elements will continue to feature: • Abuse and Nefarious Use of Cloud Computing • Malicious Insiders • Shared Technology Issues • Data Loss or Leakage • Account or Service Hijacking • Unknown Risk Profile • Compliance (Privacy / Data Protection) • Governance & Risks Elements 4 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
Cyber Warfare & Cyber Security Cyber attacks and Cyber threats have been a constant threat to both national infrastructure and businesses alike over the past 24-36 months with a startling number of increases in attacks. Internationally, protecting national infrastructure and core government systems from cyber threats is a key strategic priority, with cyber attacks identified as a top tier risk over the next five years. Governments, Multinationals, Utilities, Financial Services, Energy, and Services organisation are currently focussing efforts and resources to secure and safeguard critical assets. *Department of Justice & Finance Website attacks on 24/01/2011 5 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
eDiscovery & Digital Forensics “If you recorded all human communication from the dawn of time to 2003, it would take up about five billion gigabytes of storage space. Now we’re creating that much data every two days.” ~Eric Schmidt [Google] • Current Economic Conditions will continue to increase the number of civil litigation cases involving digital data • Digital investigations (Forensics) will assist the growing number of cases both internal to organisations and externally. • Cloud Computing may be the “forgotten” element introducing additional complexity and challenges for investigations 6 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
iPhones / iPads / Smart devices Security Increasing Requirement for Seniors / Board Members to have iPhones / iPads / Smart Devices. Some of the challenges from a security perspective include: • Limited authentication / encryption / audit / logging • Very limited number of security control options • No granularity in application policies (either on/off) • No centralised management • Cannot push new policies over the air on demand • Weak encryption protection if device is stolen • Sensitive data susceptible to jailbreak attacks 7 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
Convergence of mobile devices and the corporate environment leads to new risks that must be addressed • Unencrypted data • Missing screen-lock • Software installed via • Insecure PINs scam mails Compromise • Remote exploitable Local Data vulnerabilities with Physical Access • Against users • Against third Compromise Local Data parties Liability Risks with Remote Access Risk • Mobile Device is • Data Protection associated to mobile devices Unauthorised used as an entry • Telecommuni- Legal and Non Access to the point for the Compliance cations Law Risks Corporate corporate network • Company Network Policy • Disables protection Jailbreaking, Malware and • Apps containing compromised measures on signed Rooting, … malicious code used for Apps apps attacks against the user • Increased attack or the corporate network vector © 2008 Deloitte Touche Tohmatsu
Advanced Persistent Threats (APT’s) Conventional hacker or cybercriminals have been around for quite some time. They tend to operate on a hit ratio or successful outcome basis – they tend not to be solely focussed on any particular target. They may want a thousand credit card numbers for fraud, or to break into an account and turn it into a zombie, or for other associated uses. APT attackers are: • Attackers who are focussed and set on attacking you or a specific target! • It doesn't matter how secure you think you are! All that matters is whether you're secure enough to keep them out. • APT attackers are more highly motivated – there is a motive or reason they are targeting an entity or company. • They're likely to be better skilled, better funded, and more patient (there is typically no “end date”). • They're likely to try several different avenues of attack. And they're much more likely to succeed. 9 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
Questions? 10 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
THANK YOU Jared Carstensen SSCP, CISSP, CRISC, CCSK Security & Forensics jcarstensen@deloitte.ie 086 322 8004 Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/ie/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Deloitte’s 1,200 people in Dublin, Cork and Limerick provide audit, tax, consulting, and corporate finance to public and private clients spanning multiple industries. With a globally connected network of member firms in more than 150 countries, Deloitte brings world-class capabilities and high-quality service to clients, delivering the insights they need to address their most complex business challenges. Deloitte’s approximately 182,000 professionals are committed to becoming the standard of excellence. This publication contains general information only, and none of Deloitte Touche Tohmatsu Limited, Deloitte Global Services Limited, Deloitte Global Services Holdings Limited, the Deloitte Touche Tohmatsu Verein, any of their member firms, or any of the foregoing’s affiliates (collectively the “Deloitte Network”) are, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your finances or your business. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on this publication. © 2012 Deloitte & Touche. All rights reserved

Recommandé

Betty rogers presentation evaluation. 1ppt
Betty rogers presentation evaluation. 1pptBetty rogers presentation evaluation. 1ppt
Betty rogers presentation evaluation. 1pptCindy McCauley
 
HR Post Employment
HR Post EmploymentHR Post Employment
HR Post EmploymentCindy McCauley
 
Cloud computing - Assessing the Security Risks - Jared Carstensen
Cloud computing - Assessing the Security Risks - Jared CarstensenCloud computing - Assessing the Security Risks - Jared Carstensen
Cloud computing - Assessing the Security Risks - Jared Carstensenjaredcarst
 
Oliver James Presentation Updated
Oliver James Presentation UpdatedOliver James Presentation Updated
Oliver James Presentation Updatedjuliadimarco
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensenjaredcarst
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture CodeSkeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 

Contenu connexe

Dernier

Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfROWELL MARQUINA
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 

Dernier (20)

Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdf
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
How Tech Giants Cut Corners to Harvest Data for A.I.
How Tech Giants Cut Corners to Harvest Data for A.I.How Tech Giants Cut Corners to Harvest Data for A.I.
How Tech Giants Cut Corners to Harvest Data for A.I.
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 

Information Security - Whats hot for 2012 - Jared Carstensen

  • 1. What’s Hot in Information Security - 2012 Jared Carstensen SSCP, CISSP, CRISC, CCSK Security & Forensics Deloitte jcarstensen@deloitte.ie
  • 2. Hot Topics - 2011 Looking Back – What was featured for 2011 • Social Networking – increase in threats and online defamation cases • Growth in e-Discovery cases and solutions • Protecting data at the data layer (Wikileaks)– DLP tools • Smart Phones and risks involved (iPhone proliferation) • Malware for Cyber warfare (Stuxnet) • Online transactions security (customer end point security) • Virtualized environments – security implications • Cloud Computing & security implications Last year saw an unprecedented level of Data Breaches, Hacks, and high profile security related incidents including Sony, RSA, Epsilon, TripAdvisor, United Nations etc. 2 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
  • 3. Hot Topics - 2012 Looking Forward – What lies ahead for 2012 • Cloud Security • Cyber Warfare and Cyber Security initiatives • End to End eDiscovery • iPhones / iPads / Smart devices Security • Advanced Persistent Threats 3 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
  • 4. Cloud Security – Here to Stay Cloud Security will remain a hotly debated and dominant feature in 2012. With Cloud adoption continuing to increase both here in Ireland and Internationally, the following elements will continue to feature: • Abuse and Nefarious Use of Cloud Computing • Malicious Insiders • Shared Technology Issues • Data Loss or Leakage • Account or Service Hijacking • Unknown Risk Profile • Compliance (Privacy / Data Protection) • Governance & Risks Elements 4 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
  • 5. Cyber Warfare & Cyber Security Cyber attacks and Cyber threats have been a constant threat to both national infrastructure and businesses alike over the past 24-36 months with a startling number of increases in attacks. Internationally, protecting national infrastructure and core government systems from cyber threats is a key strategic priority, with cyber attacks identified as a top tier risk over the next five years. Governments, Multinationals, Utilities, Financial Services, Energy, and Services organisation are currently focussing efforts and resources to secure and safeguard critical assets. *Department of Justice & Finance Website attacks on 24/01/2011 5 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
  • 6. eDiscovery & Digital Forensics “If you recorded all human communication from the dawn of time to 2003, it would take up about five billion gigabytes of storage space. Now we’re creating that much data every two days.” ~Eric Schmidt [Google] • Current Economic Conditions will continue to increase the number of civil litigation cases involving digital data • Digital investigations (Forensics) will assist the growing number of cases both internal to organisations and externally. • Cloud Computing may be the “forgotten” element introducing additional complexity and challenges for investigations 6 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
  • 7. iPhones / iPads / Smart devices Security Increasing Requirement for Seniors / Board Members to have iPhones / iPads / Smart Devices. Some of the challenges from a security perspective include: • Limited authentication / encryption / audit / logging • Very limited number of security control options • No granularity in application policies (either on/off) • No centralised management • Cannot push new policies over the air on demand • Weak encryption protection if device is stolen • Sensitive data susceptible to jailbreak attacks 7 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
  • 8. Convergence of mobile devices and the corporate environment leads to new risks that must be addressed • Unencrypted data • Missing screen-lock • Software installed via • Insecure PINs scam mails Compromise • Remote exploitable Local Data vulnerabilities with Physical Access • Against users • Against third Compromise Local Data parties Liability Risks with Remote Access Risk • Mobile Device is • Data Protection associated to mobile devices Unauthorised used as an entry • Telecommuni- Legal and Non Access to the point for the Compliance cations Law Risks Corporate corporate network • Company Network Policy • Disables protection Jailbreaking, Malware and • Apps containing compromised measures on signed Rooting, … malicious code used for Apps apps attacks against the user • Increased attack or the corporate network vector © 2008 Deloitte Touche Tohmatsu
  • 9. Advanced Persistent Threats (APT’s) Conventional hacker or cybercriminals have been around for quite some time. They tend to operate on a hit ratio or successful outcome basis – they tend not to be solely focussed on any particular target. They may want a thousand credit card numbers for fraud, or to break into an account and turn it into a zombie, or for other associated uses. APT attackers are: • Attackers who are focussed and set on attacking you or a specific target! • It doesn't matter how secure you think you are! All that matters is whether you're secure enough to keep them out. • APT attackers are more highly motivated – there is a motive or reason they are targeting an entity or company. • They're likely to be better skilled, better funded, and more patient (there is typically no “end date”). • They're likely to try several different avenues of attack. And they're much more likely to succeed. 9 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
  • 10. Questions? 10 What's Hot in Information Security - 2012 © 2012 Deloitte & Touche
  • 11. THANK YOU Jared Carstensen SSCP, CISSP, CRISC, CCSK Security & Forensics jcarstensen@deloitte.ie 086 322 8004 Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/ie/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Deloitte’s 1,200 people in Dublin, Cork and Limerick provide audit, tax, consulting, and corporate finance to public and private clients spanning multiple industries. With a globally connected network of member firms in more than 150 countries, Deloitte brings world-class capabilities and high-quality service to clients, delivering the insights they need to address their most complex business challenges. Deloitte’s approximately 182,000 professionals are committed to becoming the standard of excellence. This publication contains general information only, and none of Deloitte Touche Tohmatsu Limited, Deloitte Global Services Limited, Deloitte Global Services Holdings Limited, the Deloitte Touche Tohmatsu Verein, any of their member firms, or any of the foregoing’s affiliates (collectively the “Deloitte Network”) are, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your finances or your business. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on this publication. © 2012 Deloitte & Touche. All rights reserved