The cyber security imperative. Protect your organization from cyber threats



Similar documents
The enemies ashore Vulnerabilities & hackers: A relationship that works

Addressing Cyber Risk Building robust cyber governance

Cyber Security Evolved

Cyber security: everybody s imperative. A guide for the C-suite and boards on guarding against cyber risks

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Advanced Threat Protection with Dell SecureWorks Security Services

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

Into the cybersecurity breach

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

Cybersecurity The role of Internal Audit

Cybersecurity and internal audit. August 15, 2014

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Protecting against cyber threats and security breaches

Cyber Security Metrics Dashboards & Analytics

Continuous Network Monitoring

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

Cyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats

CyberArk Privileged Threat Analytics. Solution Brief

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

North American Electric Reliability Corporation (NERC) Cyber Security Standard

Getting real about cyber threats: where are you headed?

CYBER SECURITY, A GROWING CIO PRIORITY

The Next Generation Security Operations Center

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

Best Practices for Building a Security Operations Center

Defending Against Cyber Attacks with SessionLevel Network Security

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Payment Card Industry Data Security Standard

Caretower s SIEM Managed Security Services

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program

Cisco Security Optimization Service

SIEM Implementation Approach Discussion. April 2012

SYMANTEC MANAGED SECURITY SERVICES. Superior information security delivered with exceptional value.

End-user Security Analytics Strengthens Protection with ArcSight

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

Cyber security Building confidence in your digital future

IBM Security QRadar Vulnerability Manager

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Spyders Managed Security Services

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Defending Against Data Beaches: Internal Controls for Cybersecurity

CYBER SECURITY TRAINING SAFE AND SECURE

Advanced Threats: The New World Order

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model

GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA"

FIVE PRACTICAL STEPS

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Preemptive security solutions for healthcare

A NEW APPROACH TO CYBER SECURITY

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

HP and netforensics Security Information Management solutions. Business blueprint

How To Create An Insight Analysis For Cyber Security

Seamless Mobile Security for Network Operators. Build a secure foundation for winning new wireless services revenue.

Content Security: Protect Your Network with Five Must-Haves

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

The Value of Vulnerability Management*

Business white paper. Missioncritical. defense. Creating a coordinated response to application security attacks

Attack Intelligence: Why It Matters

High End Information Security Services

Address C-level Cybersecurity issues to enable and secure Digital transformation

Extreme Networks Security Analytics G2 Vulnerability Manager

Effective Threat Management. Building a complete lifecycle to manage enterprise threats.

EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY

External Supplier Control Requirements

Bio-inspired cyber security for your enterprise

Internet Safety and Security: Strategies for Building an Internet Safety Wall

How To Protect Your Network From Attack From A Network Security Threat

Requirements When Considering a Next- Generation Firewall

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

IBM Security Intelligence Strategy

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council

Threat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations

Cisco Remote Management Services for Security

Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst

Seven Things To Consider When Evaluating Privileged Account Security Solutions

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.

Enterprise Security Tactical Plan

Italy. EY s Global Information Security Survey 2013

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

GEARS Cyber-Security Services

IBM Security QRadar Risk Manager

Vulnerability Management

By John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION

New York State Department of Financial Services. Report on Cyber Security in the Insurance Sector

Defending against modern cyber threats

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Transcription:

The cyber security imperative Protect your organization from cyber threats

Contents Cyber threats are real and growing... 1 A full range of cyber security solutions... 2 Managed Security Services (MSS)... 4 Cyber Threat Intelligence... 5 Security Intelligence and Operations Centre (SIOC)... 6 Deloitte Advanced Threat (DAT)... 7 Security Information and Event Management (SIEM)... 8 Advanced Threat Content and End Point Management... 9 Strengthen your cyber security... 10 Contacts... 12 2 The cyber security imperative

Cyber threats are real and growing Corporate espionage. Political activism. Market disruption. Financial gain. Whatever the motivations, cyber crime has become pervasive and continues to spread. From May 2012 to May 2013, Canadian organizations suffered over $5.3 million in losses due to cyber attacks 1 caused by data sabotage, virus and malware propagation, theft of devices, financial fraud and other vulnerability exploits. Beyond inflicting severe financial loss, cyber attacks can lead to regulatory sanctions, business continuity disruptions, lawsuits and staggering reputational damage. No business or public sector organization is safe. As cyber criminals become increasingly savvy, organizations often find themselves hopelessly outmatched as their employees, customers or constituents private data from financial records and secure passwords to health information and even identities falls prey to these concerted attacks. As industries become more interdependent, the pace of change accelerates and reliance on cyber grows, the potential for catastrophic physical and economic damage mounts. To protect against these cyber threats, organizations need more powerful cyber security solutions ones that allow them to identify threats in real time, limit exposures, reduce time to recovery and prevent future attacks. Deloitte can help. The cyber security imperative 1

A full range of cyber security solutions While most organizations understand the importance of protecting their systems, networks and data from cyber threats and breaches, it is becoming increasingly difficult to counter these attacks without help. Kennedy Consulting Research & Advisory, a leading analyst firm, recently released a report that addresses this issue. The report provides an assessment of cyber security consulting providers in terms of the relative breadth and depth of their cyber security consulting capabilities. Notably, Deloitte was named a Kennedy Vanguard Leader and identified as the provider with the most comprehensive competency strengths across the cyber spectrum. 2 Deloitte has honed these strengths by providing security services to some of the world s largest organizations. Globally, we have over 900 Certified Information Systems Security Professionals (CISSP), 1,500 Certified Information Systems Auditors (CISA), 150 Certified Information Security Managers (CISM) and 65 Certified International Privacy Professionals (CIPP). We also have Security Technology Centres located strategically across Canada. 2 The cyber security imperative

To help organizations realize the benefits of digital business, while mitigating its risks, our cyber security services cover four critical elements: Sense To counter cyber security threats, you need to know which threats are relevant to your organization and where they originate. Deloitte s cyber sense capability can help you identify current and emerging cyber threats and address vulnerabilities in your cyber profile. Related services: Cyber Threat Intelligence. Prepare As cyber threats escalate, your technology architecture, security processes and cultural strategy must evolve to keep pace. Deloitte s cyber prepare solutions can help you put the right defense mechanisms into place, stress test your plans through cyber simulations and implement the behavioural changes necessary to strengthen your cyber security posture. Related services: Cyber awareness, Cyber governance and cyber security policies Detect Massive data proliferation continues to challenge security teams, making it difficult to uncover, identify and respond to potential breaches in a timely manner. Deloitte s detect offerings help bolster your internal resources and deliver access to analytic solutions that make it easier to discover cyber breaches before they cause harm. Related services: Managed Security Services (MSS); Security Information and Event Management (SIEM). Respond When a cyber incident occurs, the response must be immediate, thorough and decisive. Deloitte s cyber response services can provide you with access to the skills, experience and knowledge needed during times of crisis. In addition to establishing the nature of the incident, we work with you to calculate and minimize damages, uncover the root causes of the incident and remediate exposures to prevent future loss. Related services: Managed Security Services (MSS); Security Intelligence Operations Centre (SIOC). The cyber security imperative 3

Managed Security Services (MSS) Free up in-house resources with outsourced solutions Benefits Predict and prevent security incidents based on past and ongoing events Improve the effectiveness of your security controls Reduce compliance and regulatory risk Gain current and dynamic awareness of the cyber threats endangering your assets, networks and data Enhance threat detection and response 4 The cyber security imperative As cyber threats evolve, it gets harder for internal security teams to detect and address advanced threats around the clock. The resources required to effectively monitor all applications and devices, implement emerging security controls or even analyze security logs can be staggering. Managed security services relieve that burden by providing you with advanced security event monitoring, analytics, cyber threat management and incident response. Services include the following: Service portfolio management and onboarding: an effective cyber security program begins with strategic planning. Deloitte professionals have the experience to help you build a SIOC business case, assess your cyber security readiness and discuss the potential impact of cyber threats with your board. Intelligence, Surveillance and Cyber Watch: to help you keep track of global cyber threats, Deloitte conducts in-depth threat surveillance, threat indicator analysis and cyber chatter analysis and delivers ongoing reports to keep you in-the-know. Security monitoring and advanced analytics: the Deloitte Cyber Intelligence Centre (CIC) will monitor your systems around-the-clock while leveraging advanced techniques such as predictive analytics and adaptive risk modeling to detect advanced threats. Analysis, investigations, CERT and containment: to help you prepare for an attack scenario, Deloitte will work with you to run cyber simulations and develop a robust response plan. If an attack does get through, we can also help with response coordination, forensic investigation and root cause analysis. Content development: by monitoring hundreds of intelligence sources, Deloitte maintains the most current threat content possible, sharing new signature recommendations and new detection scenarios. Executive and operational reporting: get detailed reports on threat conditions, SIOC process enhancements, configuration enhancements and a range of other metrics that apply to your organization.

Cyber Threat Intelligence Uncover and address vulnerabilities in your cyber profile Enrichment: provides a comprehensive understanding of the organization s ability to counter cyber threats. In today s digital landscape, the traditional approach to security no longer works. Firewalls don t consider infection vectors like phishing attacks and SIOCial engineering. Malware and anonymization techniques can circumvent current security controls. Even intrusion detection systems and anti-virus solutions are becoming obsolete. To manage cyber risk, you need an intelligence-based approach one that uses knowledge of cyber adversaries and their methods, combined with knowledge of your own security posture, against those adversaries and their methods. Cyber threat intelligence delivers by producing actionable intelligence organizations can use to make informed risk decisions. Its components include the following: Internal and external intelligence gathering: Deloitte aggregates, maintains and manages a repository of over 300 intelligence sources, including cyber criminal surveillance intelligence. Normalization: analyzes captured intelligence to identify emerging or active security threats. Fusion: strengthens your overall security posture with security control updates, authentication decisions, risk assessment intelligence, technology investment intelligence and assistance with vendor selection and HR decisions. Benefits Access timely, actionable intelligence to defend against sophisticated cyber attacks Learn how to apply that intelligence to your environment Identify and manage internal threat use cases and correlation opportunities Gain a holistic view into your organization s internal and external threat profile Benefit from situational awareness across industries, criminal techniques, exploits and vulnerabilities The cyber security imperative 5

Security Intelligence and Operations Centre (SIOC) Build and operate a world-class cyber SIOC Security Intelligence and Operations A Centre (SIOC) is an evolution to the conventional SOC (Security Operations Center) that builds and fuses intelligence as the major tenant of the monitoring and threat response capability. Services include the following: SIOC strategy development: following a readiness assessment and feasibility analysis, we help you build a SIOC roadmap focused on delivering a return on your investment. Benefits Leveraging decades of SIOC implementation experience, Deloitte can help you overcome these challenges. Our Adaptive Cyber Watch (ACW) SIOC methodology provides you with the tools and accelerators you need to assess, plan and implement a businesscentric, high-performance SIOC. Access timely, actionable intelligence to defend against sophisticated cyber attacks SIOC preparation: assess available vendor solutions, develop a project charter and risk management plan, create a governance structure and adopt appropriate controls. SIOC implementation: design and stage your SIOC architecture, implement security management protocols and identify the people, processes and technologies that can help you succeed. SIOC optimization: improve your SIOC processes with cyber SIOC accelerators, a metrics program, escalation procedures and integration with enterprise processes. Learn how to apply that intelligence to your environment Identify and manage internal threat use cases and correlation opportunities Gain a holistic view into your organization s internal and external threat profile Benefit from situational awareness across industries, criminal techniques, exploits and vulnerabilities 6 The cyber security imperative

Deloitte Advanced Threat (DAT) Combat advanced, adaptive and persistent threats High 8. Long-term organizational controls 1. Discovery controls Risk management 7. Cyber espionage controls 6. IP loss controls Deloitte`s advanced threat solution pack 2. Targeting controls 3. Deposit controls 5. Propagation controls 4. Beaconing controls Low Strategic growth Organizations are increasingly exposed to sophisticated and adaptive cyber threats one that evade normal detection controls or hide behind seemingly-normal behaviour. Unfortunately, most existing controls focus on threats that cyber criminals have long left behind. Rather than evolving with a polymorphic, rapidly-shifting threat environment, they tend to focus on point-in-time threats and legacy use cases. Deloitte Advanced Threat (DAT) uses a series of content, processes, threat accelerators, intelligence, workflow and enablers to help you counter the most advanced threats. Powered by ArcSight, the engine is designed to negate the weaknesses of typical monolithic security systems. High Benefits Access cyber threat intelligence from over 300 external and internal intelligence sources Automatically discover and shut down rogue network devices Keep pace with evolving threats with an adaptive risk model Monitor threats and clandestine activity with predictive analytics Achieve a higher degree of situational awareness Accelerate investigations with advanced threat queries and reporting The cyber security imperative 7

Security Information and Event Management (SIEM) Accelerate cyber threat discovery and recovery Even though most data breaches are persistent and ongoing, organizations frequently fail to detect them. The reasons are varied: some organizations have no security log management strategy, some systems don t work properly and some logs are simply not examined. As a result, organizations lack visibility into external and internal threats, data misappropriation and misuse, virus outbreaks and other highimpact security incidents. Benefits Reduce the severity and cost of security breaches by accelerating incident response and recovery Track threats in real time with advanced correlation of meta data Improve security policy enforcement Gain the ability to analyze applications and detect anomalous behaviour Enhance security compliance Integrate SIEM with your overall security management architecture Reduce the potential for system disruption from cyber threats To accelerate cyber threat discovery and recovery, organizations must strengthen their security information and event management (SIEM) systems. With experience deploying all major SIEM tools, and integrating SIEM into existing IT processes, Deloitte can help. Steps include the following: Log collection: collect data from security devices using a range of methods and protocols. Data normalization and aggregation: create standard message formats and aggregate the data based on various criteria. Data correlation: sort data, determine relationships between log events and assign weighted threat values to each event. Event notification: via email, remedy tickets or other means. Reporting: provides capabilities to query log events stored in the database and visualize events and trends. 8 The cyber security imperative

Advanced Threat Content and End Point Management Discover your weaknesses Cyber simulations: our simulation professionals work with you to test and refine your cyber incident management strategy against realistic scenarios to identify errors, false assumptions and gaps in your plans. Cyber attackers are always searching for new vulnerabilities. To protect your critical assets, you need to assess and verify your vulnerability exposure, identify which threats are relevant to your organization and take pragmatic action to enhance your security. Deloitte s team of vulnerability management professionals can run regular light-tough vulnerability assessments, scanning your entire organization s systems and processes to help identify new and existing weaknesses and map their corresponding impact to your business. Services include the following: Penetration testing: our penetration testers help with your day-to-day vulnerability management, going as far as hackers would to try and gain access to, or compromise, your systems. With a clear picture of your vulnerabilities and their potential impacts, we can provide recommendations for remedial action to strengthen your cyber defenses. Managed data loss prevention: to increase the effectiveness of your data loss prevention measures, our team can take over your day-to-day operations, as well as investigating and remediating any incidents discovered. Deloitte Fusion: Deloitte s Cyber Security Fusion Centre provides access to near real-time cyber intelligence to keep you informed about new threats that can affect your industry, infrastructure or deployed technology. Benefits Enhance your threat detection results with manual testing of your target environment Understand how hackers work and the damages they can cause to your organization Protect your business-critical processes and systems from evolving software vulnerabilities Improve your overall security posture, as well as your incident detection and response capabilities Identify and address exploitable weaknesses Leverage international best practices with access to Deloitte s worldwide Security Technology Centres The cyber security imperative 9

Strengthen your cyber security As reliance on digital technologies grows, cyber adversaries have become extremely inventive in their attacks. Organizations that continue to rely on outmoded security measures leave themselves increasingly vulnerable exposing themselves, their stakeholders and the economy at large to the potential for severe damage. To counter these threats, it s time for organizations to refine their cyber security programs. Beyond enhancing regulatory compliance, an effective cyber security program can help organizations disrupt attacks as they happen, reduce the timeframe and costs of recovery, and contain future threats. No matter where you are in the cyber security lifecycle, Deloitte can help you strengthen your security stance. With a flexible, pragmatic and independent approach to cyber security, we can work with you from the network to the boardroom to address the constantly changing threat landscape. 10 The cyber security imperative

Cyber security maturity model Operational excellence Situational awareness of cyber threats Basic online brand monitoring Online brand & social medial policing Brand monitoring Proactive threat management Blissful ignorance Basic network protection IT service desk & whistleblowing Traditional signature-based security controls Acceptable usage policy IT BC & DR exercises Ad hoc infrastructure application protection Security log collection & ad hoc reporting Periodic IT asset vulnerability assessments Transformation Ad-hoc systems / malware forensics Ad-hoc threat intelligence sharing with peers Commercial & open source threat intelligence feeds Network & system centric activity profiling General information security training and awareness IT cyber attack simulations Enterprise-wide infrastructure & application protection 24x7 technology centric security event reporting Automated IT asset vulnerability monitoring Cyber security maturity levels Automated malware forensics & manual electronic discovery Government / sector threat intelligence collaboration Criminal / hacker surveillance Workforce / customer behaviour profiling Targeted intelligencebased cyber security awareness Business-wide cyber attack exercises Identity-aware information protection External & internal threat intelligence correlation Targeted cross-platform user activity monitoring Automated electronic discovery & forensics Global cross-sector threat intelligence sharing Baiting & counterthreat intelligence Real-time business risk analytics & decision support Business partner cyber security awareness Sector-wide & supply chain cyber attack exercises Adaptive & automated security control updates Cross-channel malicious activity detection Tailored & integrated business process monitoring Level 1 Level 2 Level 3 Level 4 Level 5 E-discovery & forensics Intelligence collaboration External threat intelligence Behavioural analytics Training & awareness Cyber attack preparation Asset protection Security event monitoring Internal threat intelligence Media & SMEs Consumer business & life sciences Retail banks & energy providers Investment banks Military & defence The cyber security imperative 11

For more information on cyber threat, please contact: National contacts Nick Galletto Partner Enterprise Risk Services 416-601-6734 ngalletto@deloitte.ca Mark Fernandes Partner Enterprise Risk Services 416-601-6473 markfernandes@deloitte.ca Regional contacts Amir Belkhelladi Partner Enterprise Risk Services 514-393-7035 abelkhelladi@deloitte.ca Justin Fong Partner Enterprise Risk Services 403-503-1464 jfong@deloitte.ca Alain Rocan Partner Enterprise Risk Services 613-751-5386 arocan@deloitte.ca Albert Yap Partner Enterprise Risk Services 604-640-3279 ayap@deloitte.ca Dina Kamal Senior Manager Enterprise Risk Services 416-775-7414 dkamal@deloitte.ca 12 The cyber security imperative

The cyber security imperative 13

Endnotes 1 International Cyber Security Protection Alliance, May 2013. Study of the Impact of Cyber Crime on Businesses in Canada. Accessible at https://www.icspa.org/fileadmin/user_upload/downloads/icspa_canada_cyber_crime_study_may_2013.pdf. 2 Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates 2013 Kennedy Information, LLC. Reproduced under license www.deloitte.ca Deloitte, one of Canada s leading professional services firms, provides audit, tax, consulting, and financial advisory services. Deloitte LLP, an Ontario limited liability partnership, is the Canadian member firm of Deloitte Touche Tohmatsu Limited. Deloitte operates in Quebec as Deloitte s.e.n.c.r.l., a Quebec limited liability partnership. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Deloitte LLP and affiliated entities. Designed and produced by the Deloitte Design Studio, Canada. 13-3694

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information