Solutions

Cyber Emerging Technologies

Deloitte’s Cyber Emerging Technologies offering helps organisations with their cyber capabilities and solutions focused on next generation technologies including, but not limited to, the Internet of Things (IoT) and Industrial Control Systems (ICS).

Emerging technology at a glance




Smart Cities

OT

IoT

5G

Smart Cities
  • • A city can be defined as ‘smart’ when investments in human, social capital and traditional (transport) and modern (ICT) communication infrastructure fuel sustainable economic development and a high quality of life, with wise management of natural resources. Smart cities face many risks as digital and physical infrastructure converge. To help address this challenge, cities should embed cybersecurity and privacy principles in each stage of their development.
  • • The convergence of physical and digital infrastructure, the ensuing interoperability, and interconnectedness between city systems and data is an ongoing effort in many cities. The security goals of a smart city—confidentiality, integrity, availability, safety, and resiliency—should be grounded on both the objectives of traditional IT (to secure data) as well as those of OT (to ensure safety and resiliency of systems and processes). 

How we help you ensure you build a secure smart environment:

1.Design and Implement Cybersecurity program where awareness is a key focus element.

2.Privacy by design

3.Digital Trust platform

4.Design and Implement Cyber threat intelligence and platform

5.City Cyber resilience preparedness

OT
  • • Operational technology(OT) are systems that manage, monitor and control industrial operations, focusing on physical devices and processes. Industrial Control Systems (ICS) also referred to as Operational Technology (OT) are command network and systems devices designed to monitor and control industrial processes. The ICS family includes supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations. ICS were initially designed for, and deployed in, isolated networks, running on proprietary protocols with custom software. As a result, the exposure of these systems to cyber threats was limited.
  • • Business needs have led to the convergence of Enterprise Resource Planning (ERP) systems (IT), Manufacturing Execution Systems (MES) and SCADA systems (OT). By providing increased access to industrial process data, these innovations allow Industrial business to make better business decisions.
  • Today, as an enabler of business innovation and efficiency, more ICS systems are connected to networks outside of its initial designed networks, either directly or through the corporate networks, and are remotely accessible to allow remote process monitoring, system maintenance, process control and production data analysis. Accordingly, the threat attack surface and resulting business exposure has risen and so have the corresponding safety and compliance risks.
  • • Building a program to address your Industrial Cyber Risk (IT and OT) is a governance responsibility to ensure that you are safely designing and implementing emerging technologies and solutions.

How we help support you in your Industrial Cybersecurity journey:

  • •OT/IIoT Security Program Design, Development, Implementation, and Operation: Design, develop, and implement security programs (incorporating IT and OT), that enable organizations to better manage cyber risk associated with IIoT products and ecosystems.
  • • OT Security Program, informed by a Strategic Industrial Cyber Risk assessment and Capability Maturity Assessment: Assess the enterprise-level framework and associated processes that organizations use to secure their connected devices and associated infrastructures.
  • • OT Security Vulnerability Testing: Perform technical security testing, including the latest techniques, tradecraft, and procedures utilizing manual and automated tooling and reviews, to identify potential vulnerabilities.
  • • OT Security Executive Transition and Cyber Security Labs: Prepare new security executives for their position in an OT security program with tailored training that includes role responsibilities, industry-leading practices, and assistance developing strategy to improve the security posture of their organization's IIoT environments.
  • • Security Engineering and Architecture: Design, develop, advise, and implement security for OT new technology designs and products and their associated ecosystem.
IoT
  • • Internet of Things is internet facing devices that generate instant data analysis and used to drive “smart” action. What makes the Internet of Things (IoT)different from the traditional Internet? People, for starters. The IoT doesn’t rely on human intervention to function. With the IoT, sensors collect, communicate, analyze, and act on information, offering new ways for technology, media and telecommunications businesses to create value—whether that’s creating entirely new businesses and revenue streams, delivering a more efficient experience for consumers or driving operations efficiencies.
  • This creates new opportunities for all that information to be compromised. Not only is more data being shared through the IoT, among many more participants, but more sensitive data is being shared. As a result, your business threat exposure to cyber threat becomes exponentially greater.

Many technology, media and telecom companies are already grappling with these cyber risk challenges. What are they finding?

  • • An integrated risk philosophy is not optional
  • • Cyber risk management and innovation must be on equal footing
  • • No global risk standards? No excuse.
  • • Retrofitting can work – but it introduces new risks
  • • Loosely coupled systems can help now—in lieu of an overhaul

How we help support you in your secure IoT journey:

  • • IoT Security Program Design, Development, Implementation, and Operation
  • • IoT, informed by a Strategic Cyber Risk assessment and Capability Maturity Assessment taking strategic projects into consideration
  • • Vulnerability testing
  • • Secure IoT Architecture and Design
  • • Threat and Vulnerability assessments
5G

While the shift to 5G is bringing a new level of uncertainty to organizations across the globe, it’s also creating endless possibilities. Early 5G adopters may benefit from an unprecedented technological, financial, and national security advantage over their competitors, so government and business leaders should act efficiently.

With expansion comes challenges, notably related to costs, manufacturing, and even understanding and harnessing 5G’s full potential. The shift in 5G architecture may also require a more robust cybersecurity approach aligned with Zero Trust security from organizations since, unlike 4G which uses hardware hubs, 5G is software-based.

How we help:

  • • Assisting in the definition of their cyber strategy
    • Conducting assessments and analyses to address compliance gaps
    • Helping with vendor selection
    • Offering recommendations based on a deep understanding of the 5G domain



Thought Leadership


Securing industrial operations in mining

Despite cyber-threats rapidly growing across industries, the mining industry remained unaffected and believed it could operate under the radar of cyber criminals. The rationale behind this thinking was “Why would hackers target a mining company when they could attack a consumer organization that moves financial data?”

Now, with the industry moving to the next stage of evolution—rapidly integrating new technologies into the operational environment—also referred as “intelligent mining”, it interests cyber criminals as much as a retail industry. How can miners make their operational processes secure, vigilant, and resilient?

This report shares the key lessons that would enable mining companies to upgrade the security of their industrial control systems (ICS). It provides a good understanding of the cyber threats disrupting the mining value chain and explores the approach companies can take to sustainably address cyber.

Read more


Protecting the connected barrels: Cybersecurity for upstream oil and gas

Oil and gas might not seem like an industry that hackers would target. But they do—and the cybersecurity risks rise with every new data-based link between rigs, refineries, and headquarters. In an increasingly connected world, how can upstream O&G companies protect themselves?

Read more


Building cyber security into critical infrastructure

The digital revolution shows no signs of slowing down, especially in Asia Pacific, as critical infrastructure sectors and other industries embrace new technologies. Vast possibilities and benefits are being unlocked by the ongoing convergence of information technology (IT) and operational technology (OT), and the emergence of Industry 4.0 ecosystems. But as technological innovations enhance and optimise critical infrastructure operations, they also heighten the cyber exposure and risks to OT and IT alike.

Critical infrastructure operators in Asia Pacific are increasingly being targeted by cyber espionage and sophisticated attacks with the potential for severe disruption to essential services such as energy and water supply. In addition, the diversity of economies, geopolitical risk, and technology in Asia Pacific is reflected in the disparity in the maturity and enforcement of cyber security requirements in critical infrastructure. The region is ramping up its efforts to secure critical infrastructure but there is still room for significant improvement.

This paper examines the changing risk landscape in Asia Pacific, highlights the urgency of addressing these challenges, and provides an approach to build cyber security into critical infrastructure. Read Building cyber security into critical infrastructure: Protecting industrial control systems in Asia Pacific to learn more about developing your strategies and plans for greater cyber resilience.

Read more


Emerging Technology Services: Empowering innovation with confidence

To take full advantage of all digital transformation offers as advanced systems merge, it’s vital to stay in control of cybersecurity risks both within the operations environment and across connected products and services. Deloitte’s Cyber Emerging Technology services help you find, manage and mitigate security risks in connected systems and operations anywhere it’s needed.

Improve resilience and drive value by enabling digitalisation while remaining in control of cyber risks. Empower end-user experience through enhanced security and interconnectedness across all touchpoints. Manage and protect systems that are costly, complex, and time-consuming to update or replace. Enable secure innovation and create a unique market position with products differentiated by their security.

We hope that our brochure empowers innovation, connection, and trust for your cyber-powered future.

Read more

Key contacts

Samresh Ramjith

Samresh Ramjith

Africa Cyber Risk Leader

Samresh is Director (Partner) in the Deloitte South African practice where he leads the Cyber Risk business across Africa.  He is a passionate cybersecurity professional with over 20 years of experien... More

Michelle Govender (Pr.Eng)

Michelle Govender (Pr.Eng)

Cyber Emerging Technology Leader | Risk Advisory Africa

Michelle began her career as an electrical engineer in the Electricity industry. Following her work in the substation automation space, commissioning of high voltage feeder schemes, substation control... More

Tiaan van Schalkwyk

Tiaan van Schalkwyk

Cyber Secure Leader | Risk Advisory Africa

Tiaan is an Associate Director in Deloitte Risk Advisory with over 18 years of experience in Information Security, Cyber Security & Privacy. He is responsible for selling, leading, delivering and mana... More

Leishen Pillay

Leishen Pillay

Cyber Privacy Leader | Risk Advisory Africa

Leishen is an Director within Deloitte Risk Advisory based in Waterfall City. He joined Deloitte in August 2018 and prior to joining Deloitte he was a Director, and head of the Data Protection and Tec... More