Cyber crime fighting | Deloitte Insights
Viewing offline content

Limited functionality available

Dismiss
United States
  • Services

    What's New

    • US business impact of COVID-19

      Restart and recover with confidence

    • Register for Dbriefs webcasts

    • Change isn't just coming. It's here.

      Taking action against systemic bias, racism, and unequal treatment

    • Tax

      • Global Business Tax Services
      • Global Employer Services
      • Multistate Tax
      • Operations Transformation for Tax
    • Consulting

      • Core Business Operations
      • Customer & Marketing
      • Enterprise Technology & Performance
      • Human Capital
      • Strategy & Analytics
    • Audit & Assurance

      • Audit Innovation
      • Accounting Standards
      • Accounting Events & Transactions
    • Deloitte Private Company Services

    • Mergers & Acquisitions

      • Total M&A Solution
      • Post-merger Integration
      • Divestiture & Separation
    • Risk & Financial Advisory

      • Accounting & Internal Controls
      • Cyber & Strategic Risk
      • Regulatory & Legal
      • Transactions and M&A
    • Analytics

    • Cloud

  • Industries

    What's New

    • US business impact of COVID-19

      Restart and recover with confidence

    • Register for Dbriefs webcasts

    • Industry Outlooks

      Key opportunities, trends, and challenges

    • Consumer

      • Automotive
      • Consumer Products
      • Retail, Wholesale & Distribution
      • Transportation, Hospitality & Services
    • Energy, Resources & Industrials

      • Industrial Products & Construction
      • Mining & Metals
      • Oil, Gas & Chemicals
      • Power, Utilities & Renewables
    • Financial Services

      • Banking & Capital Markets
      • Insurance
      • Investment Management
      • Real Estate
    • Government & Public Services

      • Civil Government
      • Defense, Security & Justice
      • Federal Health
      • International Donor Organizations
      • State, Local & Higher Education
      • Transport
    • Life Sciences & Health Care

      • Health Care
      • Life Sciences
    • Technology, Media & Telecommunications

      • Technology
      • Telecommunications, Media & Entertainment
  • Insights

    Deloitte Insights

    What's New

    • Deloitte Insights app

      Go straight to smart with daily updates on your mobile device

    • Deloitte Review, issue 27

      Explore business recovery from COVID-19

    • Weekly economic update

      See what's happening this week and the impact on your business

    • By topic

      • AI & cognitive technologies
      • Analytics
      • Blockchain
      • Digital transformation
      • Diversity & inclusion
      • Economics
      • Human capital
      • Innovation
      • Leadership
      • Private companies
      • Risk management
      • Strategy
    • By sector

      • Automotive
      • Consumer products & retail
      • Financial services
      • Government & public services
      • Health care
      • Industrial products
      • Life sciences
      • Oil, gas & chemicals
      • Power, utilities & renewables
      • Technology
      • Telecom, media & entertainment
      • Transportation & hospitality
    • Spotlight

      • US business impact of COVID-19
      • Deloitte Review
      • Economic weekly update
      • Future of mobility
      • Future of work
      • Industry 4.0
      • Internet of Things
      • US business impact of COVID-19
  • Careers

    What's New

    • Life at Deloitte Podcast

      A podcast by our professionals who share a sneak peek at life inside Deloitte.

    • Life at Deloitte Blog

      Discover Deloitte and learn more about our people and culture.

    • Change isn't just coming. It's here.

      Taking action against systemic bias, racism, and unequal treatment

    • Careers

      • Audit & Assurance
      • Consulting
      • Risk & Financial Advisory
      • Tax
      • Internal Services
      • US Delivery Center
    • Students

      • Undergraduate
      • Advanced Degree
      • Professional Development
      • Recruiting Process
    • Experienced Professionals

      • Recruiting Process
      • Veterans
      • Industries
      • Executives
    • Job Search

      • Entry Level Jobs
      • Experienced Professional Jobs
      • Recruiting Tips
      • Explore Your Fit
      • Labor Condition Applications
    • Life at Deloitte

      • Life at Deloitte Blog
      • Meet Our People
      • Inclusion
      • Corporate Citizenship
      • Leadership Development
      • Empowered Well-Being
      • Deloitte University
    • Alumni Relations

      • Update Your Information
      • Events
      • Career Development Support
      • Marketplace Jobs Dashboard
      • Alumni Resources
  • US-EN Location: United States-English  
  • Contact us
  • US-EN Location: United States-English  
  • Contact us
    • Dashboard
    • Saved items
    • Content feed
    • Subscriptions
    • Profile/Interests
    • Account settings

Welcome back

Still not a member? Join My Deloitte

Cyber crime fighting

by David Schatsky, Vikram Mahidhar, Kelly Bissell
  • Save for later
  • Download
  • Share
    • Share on Facebook
    • Share on Twitter
    • Share on Linkedin
    • Share by email
Deloitte Insights
  • By topic
    By topic
    By topic
    • AI & cognitive technologies
    • Analytics
    • Blockchain
    • Digital transformation
    • Diversity & inclusion
    • Economics
    • Human capital
    • Innovation
    • Leadership
    • Private companies
    • Risk management
    • Strategy
  • By sector
    By sector
    By sector
    • Automotive
    • Consumer products & retail
    • Financial services
    • Government & public services
    • Health care
    • Industrial products
    • Life sciences
    • Oil, gas & chemicals
    • Power, utilities & renewables
    • Technology
    • Telecom, media & entertainment
    • Transportation & hospitality
  • Spotlight
    Spotlight
    Spotlight
    • Combating COVID-19
    • Deloitte Review
    • Economic weekly update
    • Future of mobility
    • Future of work
    • Industry 4.0
    • Internet of Things
    • Smart cities
    • US-EN Location: United States-English  
    • Contact us
      • Dashboard
      • Saved items
      • Content feed
      • Subscriptions
      • Profile/Interests
      • Account settings
    27 June 2013

    Cyber crime fighting

    28 June 2013
    • David Schatsky United States
    • Vikram Mahidhar, Kelly Bissell
    • Save for later
    • Download
    • Share
      • Share on Facebook
      • Share on Twitter
      • Share on Linkedin
      • Share by email

    Enterprises have to go on the offense to protect themselves from a rising tide of cyber crime. Collective intelligence and human judgment supported by advanced security analytics can help.

    As personal, commercial, and government activities continue to migrate to the digital realm, so do criminals. Large-scale cyber attacks are becoming more frequent and more costly for businesses in the United States. Attackers are better funded, more sophisticated, and better organized than in the past, often representing criminal networks or states. Dozens of US banks have suffered cyber attacks over the last year at the hands of foreign attackers. Cyber crooks stole 3.6 million social security numbers and nearly 400,000 credit card numbers and tax data from South Carolina Department of Revenue computers, saddling the state with $20 million in cleanup costs so far.1  Better security is not going to come cheap. According to Bloomberg, financial services firms will have to boost annual average cyber security spending 13-fold to nearly $300 million each to fend off 95 percent of cyber attacks.2

    As enterprises and government agencies increasingly adopt cloud, mobile, and social computing, information technology (IT) environments are becoming more difficult to defend. Increasingly, organizations need to accept that security breaches are inevitable. Security strategies need to go beyond defense to include detection, response, and recovery. All this gives rise to a need for new skills and approaches and specialized tools and services, including continuous monitoring and threat forensics powered by analytics.

    Cyber security is increasingly becoming a concern among corporate leadership, including boards of directors. A biennial study of enterprise security governance practices by the Carnegie Mellon University CyLab found a sharp rise in board-level attention to the topic. Among companies surveyed in 2012, 48 percent have a board-level risk committee responsible for privacy and security, up from just 8 percent in 2008.3

    The rising number and sophistication of cyber attacks is expanding the market for cyber security services. North American spending on managed security services (IT outsourcing focused on security services) will increase at a compound annual growth rate of  17 percent during 2013–2017, according to Gartner.4  The growing market and evolving threat landscape are, in turn, motivating many mergers and acquisitions. The last several years saw many large-scale acquisitions, including over 30 acquisitions of young, US-based cyber security vendors in the last 12 months alone.5

    Two important trends can help organizations stay ahead of cyber threats.

    Collective intelligence

    The distributed and evolving nature of cyber threats calls for a collaborative and networked defense. In the context of cyber security, collective intelligence refers to the sharing of information about vulnerabilities, threats, and remedies between enterprises and government and between enterprises and security vendors. Collective intelligence can improve risk management by quickly spreading knowledge of vulnerabilities and threats. It can direct security audits and cyber forensics to areas of known or suspected weakness. And it can reveal trends and suggest areas where investment in additional security measures is warranted. A number of vendors are developing shared-intelligence features such as injecting data feeds of anonymized and aggregated data about IP addresses, file names, email addresses, query and search strings, and the like into security monitoring dashboards to improve security for all of their customers. Promoting the sharing of cyber threat and vulnerability information between the public and private sectors was a key aim of the federal Cyber Security Act of 2012.6

    Technology and professional services

    With cloud, mobile, and social computing creating new security vulnerabilities, traditional cyber security products such as firewalls and antivirus scanners cannot thwart every threat. Tools such as network security analyzers can be difficult for some enterprises to effectively employ without outside help, and specialized cyber security talent is, predictably, in short supply. Professional services firms are responding by introducing security offerings that marry the automation and analytical capabilities of IT platforms with human intelligence to help clients cope. Such technological offerings can help organizations monitor, collect, and analyze large data sets and identify patterns that indicate breaches or attempted breaches. This allows organizations to respond to threats with more agility, and it supports more thorough auditing of cyber security risks at a time when firms—especially public companies—face rising expectations to disclose their security risks and incidents.

    Organizations can no longer rely on passive defenses against cyber attacks. Tapping into collective intelligence and joining automation and analytics to human judgment can help organizations reduce the risk of a cyber attack and lower the costs of mitigating attacks that do occur.

    Credits

    Written by: David Schatsky, Vikram Mahidhar, Kelly Bissell

    Cover image by: Santiago Uceda

    Endnotes
      1. Andrew Shain, “SC hacking solution could cost $15 million next year,” The State, May 8, 2013, http://www.thestate.com/2013/05/08/2761786/sc-hacking-solution-could-cost.html. View in article
      2. Eric Engleman and Chris Strohm, “Cybersecurity disaster seen in US survey citing spending gaps,” Bloomberg, January 31, 2012, http://www.bloomberg.com/news/2012-01-31/cybersecurity-disaster-seen-in-u-s-survey-citing-spending-gaps.html. View in article
      3. Jody R. Westby, Governance of enterprise security: CyLab 2012 report—How boards and senior executives are managing cyber risks, May 16, 2012, http://www.rsa.com/innovation/docs/CMU-GOVERNANCE-RPT-2012-FINAL.pdf. View in article
      4. Gartner, “Forecast: Information Security, Worldwide, 1Q13 Update,” May 10, 2013. View in article
      5. Deloitte analysis of data from CB Insights. View in article
      6. Cybersecurity Act of 2012, S. 2105, 112th Congress (2012), http://www.govtrack.us/congress/bills/112/s2105/text. View in article
    Show moreShow lessShow less

    Topics in this article

    Signals for Strategists , Cyber risk

    Deloitte Consulting

    Learn more
    Download Subscribe

    Related

    img Trending

    Interactive 3 days ago

    David Schatsky

    David Schatsky

    Managing Director | Deloitte LLP

    David analyzes emerging technology and business trends for Deloitte’s leaders and clients. His recent published works include Signals for Strategists: Sensing Emerging Trends in Business and Technology (Rosetta Books 2015), “Demystifying artificial intelligence: What business leaders need to know about cognitive technologies,” and “Cognitive technologies: The real opportunities for business” (Deloitte Insights 2014-15). Before joining Deloitte, David led two research and advisory firms.

    • dschatsky@deloitte.com

    Share article highlights

    See something interesting? Simply select text and choose how to share it:

    Email a customized link that shows your highlighted text.
    Copy a customized link that shows your highlighted text.
    Copy your highlighted text.

    Cyber crime fighting has been saved

    Cyber crime fighting has been removed

    An Article Titled Cyber crime fighting already exists in Saved items

    Invalid special characters found 
    Forgot password

    OR

    Social login not available on Microsoft Edge browser at this time.

    Connect Accounts

    Connect your social accounts

    This is the first time you have logged in with a social network.

    You have previously logged in with a different account. To link your accounts, please re-authenticate.

    Log in with an existing social network:

    To connect with your existing account, please enter your password:

    OR

    Log in with an existing site account:

    To connect with your existing account, please enter your password:

    Forgot password

    Subscribe

    to receive more business insights, analysis, and perspectives from Deloitte Insights
    ✓ Link copied to clipboard
    • Contact us
    • Search jobs
    • Submit RFP
    • Subscribe to Deloitte Insights
    Follow Deloitte Insights:
    Global office directory US office locations
    US-EN Location: United States-English  
    About Deloitte
    • About Deloitte
    • My Deloitte
    • Deloitte Insights
    • Press releases
    • Email subscriptions
    • Submit RFP
    • US office locations
    • Alumni
    • Global office directory
    • Newsroom
    • Dbriefs webcasts
    • Contact us
    Services
    • Tax
    • Consulting
    • Audit & Assurance
    • Deloitte Private Company Services
    • Mergers & Acquisitions
    • Risk & Financial Advisory
    • Analytics
    • Cloud
    Industries
    • Consumer
    • Energy, Resources & Industrials
    • Financial Services
    • Government & Public Services
    • Life Sciences & Health Care
    • Technology, Media & Telecommunications
    Careers
    • Careers
    • Students
    • Experienced Professionals
    • Job Search
    • Life at Deloitte
    • Alumni Relations
    • About Deloitte
    • Terms of Use
    • Privacy
    • Privacy Shield
    • Cookies
    • Legal Information for Job Seekers
    • Labor Condition Applications
    • Do Not Sell My Personal Information

    © 2021. See Terms of Use for more information.

    Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.

    Learn more about Deloitte's work for the US Olympic Committee