How cyber threat war-gaming can help decrease the impact of cyber incidents
Cyber Risk Services
Risk powers performance
Investments in security are at an all-time high, yet successful cyber-attacks are still on the rise, both in number and sophistication. While today’s fast-paced technology innovation powers new strategic initiatives, it also opens new doors for cyber criminals. They target financial assets and personal data, but also intellectual property and critical infrastructure. Our Secure.Vigilant.Resilient. approach helps you get ahead of cyber risk so your business can keep moving forward. Explore our insights and service offerings below.
Flashpoint: Cyber risk in an Internet of Things world
What makes the Internet of Things (IoT) different from the traditional Internet? People, for starters. The IoT doesn’t rely on human intervention to function. With the IoT, sensors collect, communicate, analyze, and act on information, offering new ways for technology, media and telecommunications businesses to create value—whether that’s creating entirely new businesses and revenue streams or delivering a more efficient experience for consumers.
But this also creates new opportunities for all that information to be compromised. Not only is more data being shared through the IoT, among many more participants, but more sensitive data is being shared. As a result, the risks are exponentially greater.
In this issue of Flashpoints, we’ll take a closer look at some of the more notable developments in the battle to combat cyber risks and take advantage of new opportunities as the IoT expands its reach:
- An integrated risk philosophy is not optional
- Cyber risk management and innovation must be on equal footing
- No global risk standards? No excuse
- Retrofitting can work–but it introduces new risks
- Loosely coupled systems can help now—in lieu of an overhaul
As organizations adopt more and varied ways of interacting with employees, constituents, customers and partners, securing proprietary information and other critical business assets becomes exponentially more difficult, and regulatory requirements more stringent. Addressing an ever-changing set of requirements–typically with finite budgets and security talent–presses business leaders to be more risk-focused in prioritizing their security investments. SECURE services help clients establish controls and processes around their most sensitive assets, balancing the need to reduce risk, while also helping to enable productivity, business growth, and cost optimization objectives. Change and innovation don’t have to be the enemy of security. We can help.
- Enterprise Application Integrity (EAI) solutions help organizations build the controls they need to protect enterprise resource planning (ERP), customer relationship management (CRM), and other core business applications.
- Identity and Access Management (IAM) solutions leverage Deloitte’s IAM Methods 2.0 methodology to help clients control which employees, customers, partners and suppliers access sensitive corporate resources, and streamline the process of managing the explosion in “digital identities.”
- Privacy and Data Protection (PDP) services help clients protect personally identifiable information (PII) and other sensitive data, reducing the risk of data breaches, while also supporting the need for flexible and timely access by a wide range of corporate users.
Vigilant, Inc.’s security monitoring and cyber threat intelligence services are now part of Deloitte’s portfolio of security solutions for high-risk industries.
As it becomes increasingly difficult to prevent infiltrations and unauthorized activity, organizations need threat awareness and advanced detection and intelligence solutions to rapidly identify unauthorized or anomalous activity in their environments. Vigilant services leverage deep experience with analytic and correlation technologies to help clients develop monitoring capabilities focused on critical business processes. By integrating threat data, IT data, and business data, security teams are equipped with context-rich alerts to help prioritize incident handling and streamline incident investigation. You can’t respond to threats you can’t see. We can help.
- Security Operations Center (SOC) Development services help clients with tools, technologies and processes for effective, risk-aligned detection and incident handling, including capabilities for application security and privileged user monitoring.
- Security Information and Event Management (SIEM) Optimization services help clients leverage SIEM technologies for actionable visibility across the IT environment.
- Vigilant Fusion Services provide outsourced Security Operations, Managed Regulatory and Threat Detection support. This can include remote management of the client premise monitoring technologies; integration of threat intelligence; development of monitoring for prioritized alerting when applications, business processes, or critical assets may be compromised; and support for threat and incident analysis.
- Threat Intelligence and Research solutions provide threat data and integration services to automate detection of malicious activity, supported by customized threat research to help companies identify emerging targeted threats and take preemptive action.
Given the ever-changing nature and complexity of today's business ecosystems, the technology environments and cyber threat environments, business leaders are beginning to accept that not all cyber incidents can be prevented. Of the cyber-attacks and breaches that do occur, some may become full-blown business crises. How damaging they become could depend, in part, on how rapidly the situation can be analyzed, how decisively leaders take action and how effectively teams interact with customers, media, legal counsel, law enforcement and industry peers. Resilient services help clients be prepared. Don't wait until a cyber-attack happens. We can help.
- Cyber Crisis Management services help clients develop playbooks, policies and skillsets to support quick, effective cyber incident response.
- Cyber War-Gaming and Simulation services create environments for teams to rehearse their response to staged incidents, allowing them to develop "muscle memory" and identify areas that may need to be improved in order to prepare for a real-world situation.
- Disaster Recovery services provide support to enact contingency plans and return technical operations to a normal state following a cyber-attack or other disruption.
- Cyber Incident Response Support services dispatch skilled technical and crisis management personnel when an incident occurs to assist in technical analysis, containment and post-incident recovery.
Managed Security services
It is more challenging than ever to keep pace with leading security practices and technologies, the regulatory landscape, and evolving cyber threats. Selectively outsourcing aspects of the cyber risk program can help contain costs, broaden coverage, provide access to subject matter specialist, and guidance to mature operational capabilities.
Compared to the broad range of companies that focus on standardized programs for managing security devices and technologies, the mission of Deloitte’s managed security services is to deliver higher value offerings that support our clients’ transformation to a Secure.Vigilant.Resilient. cyber risk approach.
Offerings are organized into two areas:
1. Application Management Services help clients manage the security and integrity controls pertaining to enterprise applications, and the underlying infrastructure components, to support key risk and compliance management functions.
2. Vigilant Fusion Services provide outsourced security operations, managed regulatory and threat detection support. This can include remote management of SIEM or other on-premise monitoring technologies; integration of threat intelligence; support for threat and incident analysis; and platform development for advanced alerting when applications, business processes, or critical assets may be compromised.
Program Development and Governance
To grow and thrive, organizations are increasingly dependent on their complex technology ecosystems to connect with customers and constituents in new ways, to increase reach and profitability, and to garner data-driven insights for strategic decision-making. But as cyber-attacks occur with greater frequency and severity, board members and executives are becoming aware that technology-based innovations and initiatives also open doors to cyber risks.
Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Deloitte's Cyber Risk Program Development and Governance services support the transition to an executive-led cyber risk program that balances requirements to be secure, vigilant, and resilient in line with the risk appetite of the organization.
- Cyber risk and IT security program assessments, conducted on an enterprise-wide basis for specific business areas, provide insight on areas of strength and weakness and guide ongoing investment and organizational transition strategies.
- Executive cyber threat awareness programs help business leaders gain a better understanding of the cyber risk landscape, including how it may impact their particular organization, and establish cyber risk management priorities.
- The CISO transition lab is a one-day experience designed to help newly appointed CISOs develop a 180-day action plan to lead the cyber risk program, focusing on management of time, talent and stakeholder relations.
- Governance, Risk and Compliance (GRC) services help organizations develop practical solutions to achieve better visibility over key components of the cyber risk program, leveraging leading vendor GRC platforms or custom-built solutions.
Governance, Risk, & Compliance