Welcome!

News Feed Item

Deloitte launches "Secure.Vigilant.Resilient." approach to cyber risk to help complex organizations reap benefits of growth and innovation

NEW YORK, Feb. 20, 2014 /PRNewswire/ -- Despite heightened attention to cyber security and unprecedented levels of security investment, the number of cyber incidents – and their associated costs – continues to rise[1], and adversaries continue to evolve their attack techniques. As the challenges to secure complex enterprise and public sector environments continue to mount, Deloitte, an acknowledged market leader in security, privacy, and resilience solutions, today announced its new Secure.Vigilant.Resilient. approach to help organizations maximize business performance through a cyber risk management program that extends beyond traditional information security practices.

(Logo: http://photos.prnewswire.com/prnh/20120803/MM52028LOGO-a )

Deloitte's Secure.Vigilant.Resilient. approach acknowledges that with perpetual change and increasing complexity, it is economically infeasible for organizations to be 100 percent secure. It remains critical to invest in cost-justified and risk-prioritized security controls, but it is equally important – if not more important – to focus effort on improving threat visibility and detection, and responding more rapidly and effectively to reduce the impact of cyber incidents. Secure.Vigilant.Resilient. efforts require strong executive guidance and governance processes, and the creation of an active defense culture throughout the organization.

Simultaneously, Deloitte announced it has changed the name of its Security, Privacy, and Resilience practice to Cyber Risk Services, reflecting awareness that gaining ground in the battle against cyber threats is fundamentally a risk management challenge.

Cyber Risk Services is an integral component of Deloitte's risk advisory services business, the market leader in providing end-to-end risk advisory services. Deloitte's risk advisory services business helps organizations build value by taking a risk intelligent approach to managing financial, technology and business risks. This approach helps organizations focus on areas of increased risk, bridge silos to effectively manage risk across organizational boundaries and pursue not only risk mitigation but also intelligent risk taking as a means to value creation.

"Senior executives are flooded with news and information about the damages that cyber incidents can inflict, but this in itself doesn't help them move forward," said Ed Powers, the national managing principal for Deloitte's Cyber Risk Services practice. "The fact is that innovation and cyber risk are inextricably linked; cyber risk is an inherent byproduct of virtually every growth and efficiency effort. The recent spate of attacks waged through point-of-sale systems is a case in point. Electronic payments processing has heralded new levels of efficiency for retailers and their customers – but the attendant risks can exact significant costs, both direct and indirect."

"Our approach helps organizations gain confidence in their ability to innovate by helping them be better prepared for potential cyber incidents. Through a Secure.Vigilant.Resilient. program, they can embrace cyber risk management not as a necessary evil, but as a positive and an integral component of strategic planning that supports the achievement of their core mission and strategic objectives," Powers added.

The underpinning concepts for the framework are spelled out in a new point of view paper entitled, "Changing the game on cyber risk: the imperative to be secure, vigilant, and resilient." www.deloitte.com/us/cyberrisk

To get started, leaders of the organization need to understand the key threats prevalent in their industry and specific to their organization. By reviewing potential actors and their motives, they can establish program components that better prevent impact by known threats, and also be better equipped to anticipate what might happen in the future, and respond more nimbly when incidents occur.

Deloitte Cyber Risk Services – Leading From the Front

Deloitte's Cyber Risk Services comprises more than 1,500 professionals focused in cyber risk, information security, privacy and business resilience. Deloitte is recognized by Forrester Research, Inc. as a leader in information security consulting services[2] and ranked No. 1 globally and in North America in security consulting, based on revenue by Gartner.[3], [4]

Today's announcement follows a series of aggressive activities Deloitte initiated in 2013 to build upon its position as the clear market leader. Deloitte acquired the assets of Vigilant, Inc. last spring.  Renamed Vigilant by Deloitte, this segment of the practice specializes in cyber risk detection, situational awareness, and cyber threat intelligence, providing consulting, managed services, and information services that help organizations detect and respond to emerging cyber threats.

Former senior-ranking Federal Bureau of Investigation (FBI) Special Agent in Charge Mary E. Galligan, who supervised some of the FBI's largest and most high profile investigations – including the September 11th terrorist attacks, joined Deloitte's Cyber Risk Services practice last fall. The addition of Galligan, who retired from the FBI after more than 25 years' service, brought a national security and law enforcement leadership to the incident response portion of the cyber security equation.

Deloitte served as the objective observer of the Securities Industry and Financial Markets Association Quantum Dawn 2 simulated systemic cyber attack on the U.S. financial system and co-authored the after action report that identifies ways to improve the industry's responses to cyber events.

Most recently, Deloitte helped the National Institute of Standards and Technology (NIST) to develop a Cybersecurity Framework to reduce cyber security risks for critical infrastructure. The NIST Framework, mandated by an Executive Order signed by President Obama one year ago, is based on five core functions: identify, protect, detect, respond and recover, which is consistent with Deloitte's Secure.Vigilant.Resilient. cyber risk management approach.

About Deloitte's Cyber Risk Services

Deloitte's market-leading Cyber Risk Services practice helps organizations address pressing and pervasive strategic information and technology risks, such as cyber security, data leakage, identity and access management, data security breaches, operational resilience and system outages, privacy and application integrity. Deloitte provides industry-tailored solutions, using demonstrated methodologies and tools in a consistent manner, with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte can help lead your organization to an agile, rapid risk response approach to enable greater insight and informed business decisions tied to business value. Our breadth of capability across risk management, IT consulting and organizational transformation allows us to define an approach that can efficiently and effectively align people, process and technology.

As used in this document, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

[1] "Cost of a Security Breach," Ponemon Institute, 2013

[2] "The Forrester Wave™: Information Security Consulting Services, Q1 2013," Forrester Research, February 1, 2013

[3] Source: Gartner, Market Share Analysis: Security Consulting, Worldwide, 2012, Lawrence Pingree, 16 May, 2013.

[4] References by Forrester Research, Inc. and Gartner are to the security & privacy practices of the member firms of Deloitte Touche Tohmatsu Limited, including those member firms outside the U.S., in the aggregate.

 

SOURCE Deloitte

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
What is the best strategy for selecting the right offshore company for your business? In his session at 21st Cloud Expo, Alan Winters, U.S. Head of Business Development at MobiDev, will discuss the things to look for - positive and negative - in evaluating your options. He will also discuss how to maximize productivity with your offshore developers. Before you start your search, clearly understand your business needs and how that impacts software choices.
Real IoT production deployments running at scale are collecting sensor data from hundreds / thousands / millions of devices. The goal is to take business-critical actions on the real-time data and find insights from stored datasets. In his session at @ThingsExpo, John Walicki, Watson IoT Developer Advocate at IBM Cloud, will provide a fast-paced developer journey that follows the IoT sensor data from generation, to edge gateway, to edge analytics, to encryption, to the IBM Bluemix cloud, to Wa...
Enterprises are moving to the cloud faster than most of us in security expected. CIOs are going from 0 to 100 in cloud adoption and leaving security teams in the dust. Once cloud is part of an enterprise stack, it’s unclear who has responsibility for the protection of applications, services, and data. When cloud breaches occur, whether active compromise or a publicly accessible database, the blame must fall on both service providers and users. In his session at 21st Cloud Expo, Ben Johnson, C...
Most of the time there is a lot of work involved to move to the cloud, and most of that isn't really related to AWS or Azure or Google Cloud. Before we talk about public cloud vendors and DevOps tools, there are usually several technical and non-technical challenges that are connected to it and that every company needs to solve to move to the cloud. In his session at 21st Cloud Expo, Stefano Bellasio, CEO and founder of Cloud Academy Inc., will discuss what the tools, disciplines, and cultural...
SYS-CON Events announced today that Fusic will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Fusic Co. provides mocks as virtual IoT devices. You can customize mocks, and get any amount of data at any time in your test. For more information, visit https://fusic.co.jp/english/.
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
SYS-CON Events announced today that Enroute Lab will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enroute Lab is an industrial design, research and development company of unmanned robotic vehicle system. For more information, please visit http://elab.co.jp/.
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
With the rise of DevOps, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery for the business. When it comes to adopting containers in the enterprise, security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment? In his session at @DevOpsSummit at 21st Cloud Expo, Chris Van Tuin, Chief Technologist, NA West at Red Hat, will discuss: The top security r...
IBM helps FinTechs and financial services companies build and monetize cognitive-enabled financial services apps quickly and at scale. Hosted on IBM Bluemix, IBM’s platform builds in customer insights, regulatory compliance analytics and security to help reduce development time and testing. In his session at 21st Cloud Expo, Lennart Frantzell, a Developer Advocate with IBM, will discuss how these tools simplify the time-consuming tasks of selection, mapping and data integration, allowing devel...
SYS-CON Events announced today that Mobile Create USA will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Mobile Create USA Inc. is an MVNO-based business model that uses portable communication devices and cellular-based infrastructure in the development, sales, operation and mobile communications systems incorporating GPS capabi...
Today traditional IT approaches leverage well-architected compute/networking domains to control what applications can access what data, and how. DevOps includes rapid application development/deployment leveraging concepts like containerization, third-party sourced applications and databases. Such applications need access to production data for its test and iteration cycles. Data Security? That sounds like a roadblock to DevOps vs. protecting the crown jewels to those in IT.
SYS-CON Events announced today that Interface Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Interface Corporation is a company developing, manufacturing and marketing high quality and wide variety of industrial computers and interface modules such as PCIs and PCI express. For more information, visit http://www.i...
SYS-CON Events announced today that Keisoku Research Consultant Co. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Keisoku Research Consultant, Co. offers research and consulting in a wide range of civil engineering-related fields from information construction to preservation of cultural properties. For more information, vi...