Welcome!

News Feed Item

Deloitte launches "Secure.Vigilant.Resilient." approach to cyber risk to help complex organizations reap benefits of growth and innovation

NEW YORK, Feb. 20, 2014 /PRNewswire/ -- Despite heightened attention to cyber security and unprecedented levels of security investment, the number of cyber incidents – and their associated costs – continues to rise[1], and adversaries continue to evolve their attack techniques. As the challenges to secure complex enterprise and public sector environments continue to mount, Deloitte, an acknowledged market leader in security, privacy, and resilience solutions, today announced its new Secure.Vigilant.Resilient. approach to help organizations maximize business performance through a cyber risk management program that extends beyond traditional information security practices.

(Logo: http://photos.prnewswire.com/prnh/20120803/MM52028LOGO-a )

Deloitte's Secure.Vigilant.Resilient. approach acknowledges that with perpetual change and increasing complexity, it is economically infeasible for organizations to be 100 percent secure. It remains critical to invest in cost-justified and risk-prioritized security controls, but it is equally important – if not more important – to focus effort on improving threat visibility and detection, and responding more rapidly and effectively to reduce the impact of cyber incidents. Secure.Vigilant.Resilient. efforts require strong executive guidance and governance processes, and the creation of an active defense culture throughout the organization.

Simultaneously, Deloitte announced it has changed the name of its Security, Privacy, and Resilience practice to Cyber Risk Services, reflecting awareness that gaining ground in the battle against cyber threats is fundamentally a risk management challenge.

Cyber Risk Services is an integral component of Deloitte's risk advisory services business, the market leader in providing end-to-end risk advisory services. Deloitte's risk advisory services business helps organizations build value by taking a risk intelligent approach to managing financial, technology and business risks. This approach helps organizations focus on areas of increased risk, bridge silos to effectively manage risk across organizational boundaries and pursue not only risk mitigation but also intelligent risk taking as a means to value creation.

"Senior executives are flooded with news and information about the damages that cyber incidents can inflict, but this in itself doesn't help them move forward," said Ed Powers, the national managing principal for Deloitte's Cyber Risk Services practice. "The fact is that innovation and cyber risk are inextricably linked; cyber risk is an inherent byproduct of virtually every growth and efficiency effort. The recent spate of attacks waged through point-of-sale systems is a case in point. Electronic payments processing has heralded new levels of efficiency for retailers and their customers – but the attendant risks can exact significant costs, both direct and indirect."

"Our approach helps organizations gain confidence in their ability to innovate by helping them be better prepared for potential cyber incidents. Through a Secure.Vigilant.Resilient. program, they can embrace cyber risk management not as a necessary evil, but as a positive and an integral component of strategic planning that supports the achievement of their core mission and strategic objectives," Powers added.

The underpinning concepts for the framework are spelled out in a new point of view paper entitled, "Changing the game on cyber risk: the imperative to be secure, vigilant, and resilient." www.deloitte.com/us/cyberrisk

To get started, leaders of the organization need to understand the key threats prevalent in their industry and specific to their organization. By reviewing potential actors and their motives, they can establish program components that better prevent impact by known threats, and also be better equipped to anticipate what might happen in the future, and respond more nimbly when incidents occur.

Deloitte Cyber Risk Services – Leading From the Front

Deloitte's Cyber Risk Services comprises more than 1,500 professionals focused in cyber risk, information security, privacy and business resilience. Deloitte is recognized by Forrester Research, Inc. as a leader in information security consulting services[2] and ranked No. 1 globally and in North America in security consulting, based on revenue by Gartner.[3], [4]

Today's announcement follows a series of aggressive activities Deloitte initiated in 2013 to build upon its position as the clear market leader. Deloitte acquired the assets of Vigilant, Inc. last spring.  Renamed Vigilant by Deloitte, this segment of the practice specializes in cyber risk detection, situational awareness, and cyber threat intelligence, providing consulting, managed services, and information services that help organizations detect and respond to emerging cyber threats.

Former senior-ranking Federal Bureau of Investigation (FBI) Special Agent in Charge Mary E. Galligan, who supervised some of the FBI's largest and most high profile investigations – including the September 11th terrorist attacks, joined Deloitte's Cyber Risk Services practice last fall. The addition of Galligan, who retired from the FBI after more than 25 years' service, brought a national security and law enforcement leadership to the incident response portion of the cyber security equation.

Deloitte served as the objective observer of the Securities Industry and Financial Markets Association Quantum Dawn 2 simulated systemic cyber attack on the U.S. financial system and co-authored the after action report that identifies ways to improve the industry's responses to cyber events.

Most recently, Deloitte helped the National Institute of Standards and Technology (NIST) to develop a Cybersecurity Framework to reduce cyber security risks for critical infrastructure. The NIST Framework, mandated by an Executive Order signed by President Obama one year ago, is based on five core functions: identify, protect, detect, respond and recover, which is consistent with Deloitte's Secure.Vigilant.Resilient. cyber risk management approach.

About Deloitte's Cyber Risk Services

Deloitte's market-leading Cyber Risk Services practice helps organizations address pressing and pervasive strategic information and technology risks, such as cyber security, data leakage, identity and access management, data security breaches, operational resilience and system outages, privacy and application integrity. Deloitte provides industry-tailored solutions, using demonstrated methodologies and tools in a consistent manner, with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte can help lead your organization to an agile, rapid risk response approach to enable greater insight and informed business decisions tied to business value. Our breadth of capability across risk management, IT consulting and organizational transformation allows us to define an approach that can efficiently and effectively align people, process and technology.

As used in this document, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

[1] "Cost of a Security Breach," Ponemon Institute, 2013

[2] "The Forrester Wave™: Information Security Consulting Services, Q1 2013," Forrester Research, February 1, 2013

[3] Source: Gartner, Market Share Analysis: Security Consulting, Worldwide, 2012, Lawrence Pingree, 16 May, 2013.

[4] References by Forrester Research, Inc. and Gartner are to the security & privacy practices of the member firms of Deloitte Touche Tohmatsu Limited, including those member firms outside the U.S., in the aggregate.

 

SOURCE Deloitte

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 20th Cloud Expo, which will take place on June 6-8, 2017 at the Javits Center in New York, New York. Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centers, 14 virtual data centers and 31 colocation centers, with connections to 195 add...
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex softw...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
Information technology (IT) advances are transforming the way we innovate in business, thereby disrupting the old guard and their predictable status-quo. It’s creating global market turbulence. Industries are converging, and new opportunities and threats are emerging, like never before. So, how are savvy chief information officers (CIOs) leading this transition? Back in 2015, the IBM Institute for Business Value conducted a market study that included the findings from over 1,800 CIO interviews ...
Virtualization over the past years has become a key strategy for IT to acquire multi-tenancy, increase utilization, develop elasticity and improve security. And virtual machines (VMs) are quickly becoming a main vehicle for developing and deploying applications. The introduction of containers seems to be bringing another and perhaps overlapped solution for achieving the same above-mentioned benefits. Are a container and a virtual machine fundamentally the same or different? And how? Is one techn...
What sort of WebRTC based applications can we expect to see over the next year and beyond? One way to predict development trends is to see what sorts of applications startups are building. In his session at @ThingsExpo, Arin Sime, founder of WebRTC.ventures, will discuss the current and likely future trends in WebRTC application development based on real requests for custom applications from real customers, as well as other public sources of information,
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
As businesses adopt functionalities in cloud computing, it’s imperative that IT operations consistently ensure cloud systems work correctly – all of the time, and to their best capabilities. In his session at @BigDataExpo, Bernd Harzog, CEO and founder of OpsDataStore, will present an industry answer to the common question, “Are you running IT operations as efficiently and as cost effectively as you need to?” He will expound on the industry issues he frequently came up against as an analyst, and...
ChatOps is an emerging topic that has led to the wide availability of integrations between group chat and various other tools/platforms. Currently, HipChat is an extremely powerful collaboration platform due to the various ChatOps integrations that are available. However, DevOps automation can involve orchestration and complex workflows. In his session at @DevOpsSummit at 20th Cloud Expo, Himanshu Chhetri, CTO at Addteq, will cover practical examples and use cases such as self-provisioning infra...
The financial services market is one of the most data-driven industries in the world, yet it’s bogged down by legacy CPU technologies that simply can’t keep up with the task of querying and visualizing billions of records. In his session at 20th Cloud Expo, Jared Parker, Director of Financial Services at Kinetica, will discuss how the advent of advanced in-database analytics on the GPU makes it possible to run sophisticated data science workloads on the same database that is housing the rich inf...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
My team embarked on building a data lake for our sales and marketing data to better understand customer journeys. This required building a hybrid data pipeline to connect our cloud CRM with the new Hadoop Data Lake. One challenge is that IT was not in a position to provide support until we proved value and marketing did not have the experience, so we embarked on the journey ourselves within the product marketing team for our line of business within Progress. In his session at @BigDataExpo, Sum...
Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing and analyzing streaming data is the Lambda Architecture, represent...
Things are changing so quickly in IoT that it would take a wizard to predict which ecosystem will gain the most traction. In order for IoT to reach its potential, smart devices must be able to work together. Today, there are a slew of interoperability standards being promoted by big names to make this happen: HomeKit, Brillo and Alljoyn. In his session at @ThingsExpo, Adam Justice, vice president and general manager of Grid Connect, will review what happens when smart devices don’t work togethe...
SYS-CON Events announced today that Ocean9will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Ocean9 provides cloud services for Backup, Disaster Recovery (DRaaS) and instant Innovation, and redefines enterprise infrastructure with its cloud native subscription offerings for mission critical SAP workloads.