Cyber Security Management
Bring Information Security under control
In today’s complex business environment, impulsive reactions to the latest technical security threat will not resolve flaws in the overall approach to security.
Organisations must implement and maintain proactive security governance and compliance programs to survive in today’s competitive market and to achieve operational excellence aligned to their strategy, vision and risk appetite.
How can Deloitte help?
Deloitte helps organisations address a wide range of security requirements, using proven methodologies to design and implement programs and solutions around policies and standards, governance and strategy, metrics, automated dashboards, and automated risk and compliance solutions.
- Security Transformation – helps our clients provide a step-change in the structure, governance and approach to Information Security. The project lifecycle typically involves selecting a security framework, analysing the current state, defining a future state vision, establishing a strategic roadmap and, lastly, implementing it.
- Security Management – security policy frameworks, including policies, standards and procedures, risk analysis, risk & control self-assessments, security awareness e-learnings, etc.
- Security Operational Assistance – provides resources with security and technical expertise to assist our clients in executing security operational activities (day-to-day controls, monitoring, risk management tasks, etc.)
Deloitte proposition overview
- Security Assessment & Transformation – Point solutions or a comprehensive transformation program to improve the cyber security strategy and governance
- Information Security Policies – Define security requirements through the development of tailor-made policies, procedures and baselines
- Information Security Risk & Assurance Management – Provide Management with assurance on controls completeness & effectiveness and measure residual risk exposure
- Security Performance Monitoring-Metrics – Definition and implementation of Key Risk Indicators (KRIs) and dashboards to facilitate effective monitoring of IT security by Management
- Security Standards Readiness & Certification – Assess and audit compliance with security standards such as ISO/IEC 27001, 27002, PCI DSS, ETSI, etc.
- CISO on demand – Design the security function and provide resources with security and technical expertise to support the function
- Security Training & Awareness – Provide tailor-made training and awareness sessions adapted to the audience