Welcome!

News Feed Item

Deloitte's Cyber Threat War-Gaming Services Help C-Suite, Technical Staff Prepare, Respond and be Resilient to Cyber Attacks

NEW YORK, July 31, 2014 /PRNewswire/ -- Deloitte's Cyber Risk Services practice today announced the commercial availability of its cyber war-gaming and simulation services, bringing together the broad spectrum of people required for concerted response to cyber-attacks. Deloitte's cyber war-gaming and simulation services are part of a broader portfolio of resilient services that help organizations minimize the impact of cyber incidents.

www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting." border="0" alt="As used in this document, "Deloitte" means Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting." align="left" src="http://photos.prnewswire.com/prnvar/20120803/MM52028LOGO-a "/>

"Business leaders are coming to accept that even with the best security defenses in place, cyber incidents will occur," explains Ed Powers, national managing principal of Deloitte's Cyber Risk Services. "Although a well-constructed incident response manual is necessary, this alone does not create the reflexive judgment capability that organizations may need if a security incident becomes a true business crisis. War-gaming trains diverse teams of responders to act rapidly to reduce the business disruption and costs often associated with cyber incidents, as well as to minimize brand and reputation damage."

Deloitte's cyber threat war-gaming approach draws on the strengths of its broader Risk Advisory capabilities, relies on leading thinking from the military and academia, and incorporates lessons learned from war-game simulations conducted for multi-national companies, government entities, regulatory bodies and industry groups. Deloitte served as objective observer and co-authored the "After Action" report for Quantum Dawn 2, a simulated systemic cyber attack on the U.S. financial system sponsored in June 2013 by the Securities Industry and Financial Markets Association.

Many organizations conduct technical rehearsals of their incident response plans, but Deloitte's cyber threat war-gaming services involve CEOs, CFOs, risk officers, talent (human relations) officers, legal counsel, and corporate communications teams, as well as technical responders.

"When a cyber attack threatens critical operations," said Mary Galligan, a director in Deloitte's Cyber Risk Services, "business leaders may need to make quick decisions to off-line core systems or applications. Executives may need to guide communications with media, customers, investors and regulators. Collaboration with law enforcement and industry peers may also be essential in limiting the exposure of critical infrastructure." Galligan was formerly the FBI Special Agent in Charge of Cyber and Special Operations for the FBI's New York office.

Deloitte's approach raises understanding and awareness of cyber threats among this wide range of responders, many of whom have typically had little exposure to IT security functions. Through simulated scenarios, they gain a greater sense of ownership of their role in cyber defense and help establish a broad culture of cyber resilience.

"Resilience," notes Emily Mossburg, principal in charge of resilient services for Deloitte, "doesn't start when an incident occurs. Preparedness for cyber attacks is a multi-layered challenge. It includes the design of infrastructure and applications, the building of necessary support relationships, and a broad, ongoing program to build a cyber-aware culture throughout the organization."

Deloitte's cyber threat war-gaming services leverage a wide range of pre-packaged exercises and an inventory of threat scenarios and action components that can be customized to each organization's risk profile, drawing on Deloitte's extensive experience across a wide range of industry sectors.

Deloitte is recognized by Forrester Research, Inc. as a leader in information security consulting services1, named by Kennedy Consulting Research and Advisory as a global leader in cyber security consulting2, and ranked No. 1 globally in security consulting, based on revenue, by Gartner.3 4  Please visit http://www.deloitte.com/us/resilientservices for more information.

About Deloitte's Cyber Risk Services

Deloitte's Cyber Risk Services help complex organizations more confidently leverage advanced technologies to achieve their strategic growth, innovation and performance objectives through proactive management of the associated cyber risks. With deep experience across a broad range of industries, Deloitte's more than 1600 practitioners provide advisory and implementation services, spanning executive and technical functions, to help transform legacy IT security programs into proactive Secure.Vigilant.Resilient. cyber risk programs that better align security investments with risk priorities, establish improved threat awareness and visibility, and strengthen the ability of organizations to thrive in the face of cyber incidents.

About Deloitte's Risk Advisory Practice

Deloitte's market-leading Risk Advisory Practice helps organizations build value by taking a strategic risk approach to managing financial, technology and business risks. This approach helps our clients focus on their areas of increased risk, bridge silos to effectively manage risk across organizational boundaries and seek not only risk mitigation, but also pursue intelligent risk taking as a means to value creation.

As used in this document, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

1"The Forrester Wave™: Information Security Consulting Services, Q1 2013", Forrester Research, February 1, 2013

2 "Cyber Security Consulting, 2013," Kennedy Consulting Research and Advisory, October 2013.

3 Source: Gartner, Market Share Analysis: Security Consulting, Worldwide, 2013, Lawrence Pingree, 16 May, 2014.

4 References by Forrester Research, Inc., Kennedy and Gartner are to the Cyber Risk Services practices of the member firms of Deloitte Touche Tohmatsu Limited, including those member firms outside the U.S., in the aggregate.

Photo - http://photos.prnewswire.com/prnh/20120803/MM52028LOGO-a

 

SOURCE Deloitte

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Ovum, a leading technology analyst firm, has published an in-depth report, Ovum Decision Matrix: Selecting a DevOps Release Management Solution, 2016–17. The report focuses on the automation aspects of DevOps, Release Management and compares solutions from the leading vendors.
Continuous testing helps bridge the gap between developing quickly and maintaining high quality products. But to implement continuous testing, CTOs must take a strategic approach to building a testing infrastructure and toolset that empowers their team to move fast. Download our guide to laying the groundwork for a scalable continuous testing strategy.
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
StackIQ has announced the release of Stacki 3.2. Stacki is an easy-to-use Linux server provisioning tool. Stacki 3.2 delivers new capabilities that simplify the automation and integration of site-specific requirements. StackIQ is the commercial entity behind this open source bare metal provisioning tool. Since the release of Stacki in June of 2015, the Stacki core team has been focused on making the Community Edition meet the needs of members of the community, adding features and value, while ...
Qosmos has announced new milestones in the detection of encrypted traffic and in protocol signature coverage. Qosmos latest software can accurately classify traffic encrypted with SSL/TLS (e.g., Google, Facebook, WhatsApp), P2P traffic (e.g., BitTorrent, MuTorrent, Vuze), and Skype, while preserving the privacy of communication content. These new classification techniques mean that traffic optimization, policy enforcement, and user experience are largely unaffected by encryption. In respect wit...
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
SYS-CON Events announced today the Kubernetes and Google Container Engine Workshop, being held November 3, 2016, in conjunction with @DevOpsSummit at 19th Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA. This workshop led by Sebastian Scheele introduces participants to Kubernetes and Google Container Engine (GKE). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, students learn the key concepts and practices for deploying and maintainin...
ReadyTalk has expanded the capabilities of the FoxDen collaboration platform announced late last year to include FoxDen Connect, an in-room video collaboration experience that launches with a single touch. With FoxDen Connect, users can now not only engage in HD video conferencing between iOS and Android mobile devices or Chrome browsers, but also set up in-person meeting rooms for video interactions. A host’s mobile device automatically recognizes the presence of a meeting room via beacon tech...
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, explored the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences between wh...
Deploying applications in hybrid cloud environments is hard work. Your team spends most of the time maintaining your infrastructure, configuring dev/test and production environments, and deploying applications across environments – which can be both time consuming and error prone. But what if you could automate provisioning and deployment to deliver error free environments faster? What could you do with your free time?
Ixia (Nasdaq: XXIA) has announced that NoviFlow Inc.has deployed IxNetwork® to validate the company’s designs and accelerate the delivery of its proven, reliable products. Based in Montréal, NoviFlow Inc. supports network carriers, hyperscale data center operators, and enterprises seeking greater network control and flexibility, network scalability, and the capacity to handle extremely large numbers of flows, while maintaining maximum network performance. To meet these requirements, NoviFlow in...
Choosing the right cloud for your workloads is a balancing act that can cost your organization time, money and aggravation - unless you get it right the first time. Economics, speed, performance, accessibility, administrative needs and security all play a vital role in dictating your approach to the cloud. Without knowing the right questions to ask, you could wind up paying for capacity you'll never need or underestimating the resources required to run your applications.
It’s 2016: buildings are smart, connected and the IoT is fundamentally altering how control and operating systems work and speak to each other. Platforms across the enterprise are networked via inexpensive sensors to collect massive amounts of data for analytics, information management, and insights that can be used to continuously improve operations. In his session at @ThingsExpo, Brian Chemel, Co-Founder and CTO of Digital Lumens, will explore: The benefits sensor-networked systems bring to ...