Welcome!

News Feed Item

Deloitte launches "Secure.Vigilant.Resilient." approach to cyber risk to help complex organizations reap benefits of growth and innovation

NEW YORK, Feb. 20, 2014 /PRNewswire/ -- Despite heightened attention to cyber security and unprecedented levels of security investment, the number of cyber incidents – and their associated costs – continues to rise[1], and adversaries continue to evolve their attack techniques. As the challenges to secure complex enterprise and public sector environments continue to mount, Deloitte, an acknowledged market leader in security, privacy, and resilience solutions, today announced its new Secure.Vigilant.Resilient. approach to help organizations maximize business performance through a cyber risk management program that extends beyond traditional information security practices.

(Logo: http://photos.prnewswire.com/prnh/20120803/MM52028LOGO-a )

Deloitte's Secure.Vigilant.Resilient. approach acknowledges that with perpetual change and increasing complexity, it is economically infeasible for organizations to be 100 percent secure. It remains critical to invest in cost-justified and risk-prioritized security controls, but it is equally important – if not more important – to focus effort on improving threat visibility and detection, and responding more rapidly and effectively to reduce the impact of cyber incidents. Secure.Vigilant.Resilient. efforts require strong executive guidance and governance processes, and the creation of an active defense culture throughout the organization.

Simultaneously, Deloitte announced it has changed the name of its Security, Privacy, and Resilience practice to Cyber Risk Services, reflecting awareness that gaining ground in the battle against cyber threats is fundamentally a risk management challenge.

Cyber Risk Services is an integral component of Deloitte's risk advisory services business, the market leader in providing end-to-end risk advisory services. Deloitte's risk advisory services business helps organizations build value by taking a risk intelligent approach to managing financial, technology and business risks. This approach helps organizations focus on areas of increased risk, bridge silos to effectively manage risk across organizational boundaries and pursue not only risk mitigation but also intelligent risk taking as a means to value creation.

"Senior executives are flooded with news and information about the damages that cyber incidents can inflict, but this in itself doesn't help them move forward," said Ed Powers, the national managing principal for Deloitte's Cyber Risk Services practice. "The fact is that innovation and cyber risk are inextricably linked; cyber risk is an inherent byproduct of virtually every growth and efficiency effort. The recent spate of attacks waged through point-of-sale systems is a case in point. Electronic payments processing has heralded new levels of efficiency for retailers and their customers – but the attendant risks can exact significant costs, both direct and indirect."

"Our approach helps organizations gain confidence in their ability to innovate by helping them be better prepared for potential cyber incidents. Through a Secure.Vigilant.Resilient. program, they can embrace cyber risk management not as a necessary evil, but as a positive and an integral component of strategic planning that supports the achievement of their core mission and strategic objectives," Powers added.

The underpinning concepts for the framework are spelled out in a new point of view paper entitled, "Changing the game on cyber risk: the imperative to be secure, vigilant, and resilient." www.deloitte.com/us/cyberrisk

To get started, leaders of the organization need to understand the key threats prevalent in their industry and specific to their organization. By reviewing potential actors and their motives, they can establish program components that better prevent impact by known threats, and also be better equipped to anticipate what might happen in the future, and respond more nimbly when incidents occur.

Deloitte Cyber Risk Services – Leading From the Front

Deloitte's Cyber Risk Services comprises more than 1,500 professionals focused in cyber risk, information security, privacy and business resilience. Deloitte is recognized by Forrester Research, Inc. as a leader in information security consulting services[2] and ranked No. 1 globally and in North America in security consulting, based on revenue by Gartner.[3], [4]

Today's announcement follows a series of aggressive activities Deloitte initiated in 2013 to build upon its position as the clear market leader. Deloitte acquired the assets of Vigilant, Inc. last spring.  Renamed Vigilant by Deloitte, this segment of the practice specializes in cyber risk detection, situational awareness, and cyber threat intelligence, providing consulting, managed services, and information services that help organizations detect and respond to emerging cyber threats.

Former senior-ranking Federal Bureau of Investigation (FBI) Special Agent in Charge Mary E. Galligan, who supervised some of the FBI's largest and most high profile investigations – including the September 11th terrorist attacks, joined Deloitte's Cyber Risk Services practice last fall. The addition of Galligan, who retired from the FBI after more than 25 years' service, brought a national security and law enforcement leadership to the incident response portion of the cyber security equation.

Deloitte served as the objective observer of the Securities Industry and Financial Markets Association Quantum Dawn 2 simulated systemic cyber attack on the U.S. financial system and co-authored the after action report that identifies ways to improve the industry's responses to cyber events.

Most recently, Deloitte helped the National Institute of Standards and Technology (NIST) to develop a Cybersecurity Framework to reduce cyber security risks for critical infrastructure. The NIST Framework, mandated by an Executive Order signed by President Obama one year ago, is based on five core functions: identify, protect, detect, respond and recover, which is consistent with Deloitte's Secure.Vigilant.Resilient. cyber risk management approach.

About Deloitte's Cyber Risk Services

Deloitte's market-leading Cyber Risk Services practice helps organizations address pressing and pervasive strategic information and technology risks, such as cyber security, data leakage, identity and access management, data security breaches, operational resilience and system outages, privacy and application integrity. Deloitte provides industry-tailored solutions, using demonstrated methodologies and tools in a consistent manner, with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte can help lead your organization to an agile, rapid risk response approach to enable greater insight and informed business decisions tied to business value. Our breadth of capability across risk management, IT consulting and organizational transformation allows us to define an approach that can efficiently and effectively align people, process and technology.

As used in this document, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

[1] "Cost of a Security Breach," Ponemon Institute, 2013

[2] "The Forrester Wave™: Information Security Consulting Services, Q1 2013," Forrester Research, February 1, 2013

[3] Source: Gartner, Market Share Analysis: Security Consulting, Worldwide, 2012, Lawrence Pingree, 16 May, 2013.

[4] References by Forrester Research, Inc. and Gartner are to the security & privacy practices of the member firms of Deloitte Touche Tohmatsu Limited, including those member firms outside the U.S., in the aggregate.

 

SOURCE Deloitte

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Peak 10, Inc., a national IT infrastructure and cloud services provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Peak 10 provides reliable, tailored data center and network services, cloud and managed services. Its solutions are designed to scale and adapt to customers’ changing business needs, enabling them to lower costs, improve performance and focus inter...
The demand for organizations to expand their infrastructure to multiple IT environments like the cloud, on-premise, mobile, bring your own device (BYOD) and the Internet of Things (IoT) continues to grow. As this hybrid infrastructure increases, the challenge to monitor the security of these systems increases in volume and complexity. In his session at 18th Cloud Expo, Stephen Coty, Chief Security Evangelist at Alert Logic, will show how properly configured and managed security architecture can...
The IoTs will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, will demonstrate how to move beyond today's coding paradigm and share the must-have mindsets for removing complexity from the development proc...
In his session at @ThingsExpo, Chris Klein, CEO and Co-founder of Rachio, will discuss next generation communities that are using IoT to create more sustainable, intelligent communities. One example is Sterling Ranch, a 10,000 home development that – with the help of Siemens – will integrate IoT technology into the community to provide residents with energy and water savings as well as intelligent security. Everything from stop lights to sprinkler systems to building infrastructures will run ef...
We're entering the post-smartphone era, where wearable gadgets from watches and fitness bands to glasses and health aids will power the next technological revolution. With mass adoption of wearable devices comes a new data ecosystem that must be protected. Wearables open new pathways that facilitate the tracking, sharing and storing of consumers’ personal health, location and daily activity data. Consumers have some idea of the data these devices capture, but most don’t realize how revealing and...
Much of the value of DevOps comes from a (renewed) focus on measurement, sharing, and continuous feedback loops. In increasingly complex DevOps workflows and environments, and especially in larger, regulated, or more crystallized organizations, these core concepts become even more critical. In his session at @DevOpsSummit at 18th Cloud Expo, Andi Mann, Chief Technology Advocate at Splunk, will show how, by focusing on 'metrics that matter,' you can provide objective, transparent, and meaningfu...
SYS-CON Events announced today that Ericsson has been named “Gold Sponsor” of SYS-CON's @ThingsExpo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. Ericsson is a world leader in the rapidly changing environment of communications technology – providing equipment, software and services to enable transformation through mobility. Some 40 percent of global mobile traffic runs through networks we have supplied. More than 1 billion subscribers around the world re...
trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vice president of product management, IoT solutions at GlobalSign, will teach IoT developers how t...
A critical component of any IoT project is the back-end systems that capture data from remote IoT devices and structure it in a way to answer useful questions. Traditional data warehouse and analytical systems are mature technologies that can be used to handle large data sets, but they are not well suited to many IoT-scale products and the need for real-time insights. At Fuze, we have developed a backend platform as part of our mobility-oriented cloud service that uses Big Data-based approache...
Artificial Intelligence has the potential to massively disrupt IoT. In his session at 18th Cloud Expo, AJ Abdallat, CEO of Beyond AI, will discuss what the five main drivers are in Artificial Intelligence that could shape the future of the Internet of Things. AJ Abdallat is CEO of Beyond AI. He has over 20 years of management experience in the fields of artificial intelligence, sensors, instruments, devices and software for telecommunications, life sciences, environmental monitoring, process...
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
In the world of DevOps there are ‘known good practices’ – aka ‘patterns’ – and ‘known bad practices’ – aka ‘anti-patterns.' Many of these patterns and anti-patterns have been developed from real world experience, especially by the early adopters of DevOps theory; but many are more feasible in theory than in practice, especially for more recent entrants to the DevOps scene. In this power panel at @DevOpsSummit at 18th Cloud Expo, moderated by DevOps Conference Chair Andi Mann, panelists will dis...
The increasing popularity of the Internet of Things necessitates that our physical and cognitive relationship with wearable technology will change rapidly in the near future. This advent means logging has become a thing of the past. Before, it was on us to track our own data, but now that data is automatically available. What does this mean for mHealth and the "connected" body? In her session at @ThingsExpo, Lisa Calkins, CEO and co-founder of Amadeus Consulting, will discuss the impact of wea...
There is an ever-growing explosion of new devices that are connected to the Internet using “cloud” solutions. This rapid growth is creating a massive new demand for efficient access to data. And it’s not just about connecting to that data anymore. This new demand is bringing new issues and challenges and it is important for companies to scale for the coming growth. And with that scaling comes the need for greater security, gathering and data analysis, storage, connectivity and, of course, the...
We’ve worked with dozens of early adopters across numerous industries and will debunk common misperceptions, which starts with understanding that many of the connected products we’ll use over the next 5 years are already products, they’re just not yet connected. With an IoT product, time-in-market provides much more essential feedback than ever before. Innovation comes from what you do with the data that the connected product provides in order to enhance the customer experience and optimize busi...