Embed Size (px)
Citation preview
Secure. Vigilant. Resilient.TM
June 2018
Risk Advisory
Cyber Risk Managed Services
2
3
Is Your Business Security Centred? 4
Helping Complex Organizations Protect Growth, Performance, and Value 4
Deloitte Cyber Intelligence Centre (CIC) 6
CIC Operating Model 7
Why Choose Deloitte 7
Business Value 8
Contents
Secure. Vigilant. Resilient.TM
4
Is your business security centred?In recent years, cyber attacks have become increasingly coordinated and sophisticated, with cyber criminals targeting specific organizations, regions, and customer profiles. To prevent potential financial, reputational, and operational damage, organizations must go beyond the IT function. Senior management, legal counsel, and boards must take proactive steps to strengthen cyber resiliency.
To assess your preparedness, answer a few critical questions, such as:
What is your cyber security strategy?
• What capabilities do you have rightnow and how confident are you that it’sworking?
• What procedures would you follow if youwere under attack?
Get the answers you needDeloitte’s Cyber Intelligence Centre (CIC) can help you manage cyber risks with a range of customized, integrated security services that deliver 24x7, business-focused security for your critical systems and data.
Identified as a Kennedy Vanguard Leader for having the most comprehensive competency strengths across the cyber spectrum, Deloitte provides security services to some of the world’s largest organizations.
Helping complex organizations protect growth, performance, and valueCyber security has never been more challenging, – and the costs and consequences of inadequate security are also at an all-time high. A cyber - attack can cause a rippling brand, reputation,
and financial damage within hours. While massive data breaches are commonplace, a growing number of attackers are after more than data and financial gain; they can be out to cause widespread chaos, destroy or disrupt operations, or undermine the competitive standing or market position of their target. Across all government and industry sectors, many IT leaders would also say it’s an exceptionally challenging time to be at the helm of a cyber security program. While the attackers adjust and develop their tactics at an alarming pace, security leaders also face growing pressure from directors and executives, a constantly shifting regulatory environment , and an erosion of direct control over the complex and fast-changing technology environment. While the challenges may seem infinite, budgets and talent are not. If the objective is to continually face -off against increasingly sophisticated attackers, no amount of resources would likely be adequate.
CANADA
USA
UK
DENMARK
NETHERLAND
FRANCE
SPAIN
BELGIUM
HUNGARY
TURKEY
ISRAEL
INDIA
JAPAN
MALAYSIA
SINGAPORE
SOUTH AFRICA
Deloitte Cyber Intelligence Centre
BRAZIL
ARGENTINA AUSTRALIA
Secure. Vigilant. Resilient.TM
5
Secure. Vigilant. Resilient.TM
6
Deloitte Cyber Intelligence Centre (CIC)
The Deloitte Cyber Intelligence Centre (CIC) combines deep cyber intelligence with broad business intelligence to deliver relevant, tailored, and actionable insights to enable business decision-making. The CIC fuses a number of services together to provide our clients with a truly tailored service that enables them to fully understand their cyber risks and adopt proportionate responses in an increasingly digital and interconnected business environment. We do this by providing them with improved visibility of threats and assets, based on highly relevant intelligence that reflects their specific business, market, and industry context.
Based on a shared service delivery model, it is architecture on a high-performance truly integrated security analytics and intelligence platform and is backed by world- class professional services expertise. We also continually invest in R&D, platforms, and people. This ensures our clients are able to stay secure in a rapidly evolving threat landscape, while avoiding spiralling costs and investment requirements.
Alongside our threat intelligence services, our global, 24x7 Cyber response team, informed by zero-day threat intelligence, delivers proactive incident response, fast and decisive remediation, and holistic crisis management support. This helps clients reduce the business impact of incidents, limit brand damage, and lower the risk of repeat occurrences.
Serv
ice
Cove
rage
Service Diversity
Security Operations Transformation & Risk
Integration
24x7x365 Security Incident Management
Basic Device Monitoring
Managed Security Services
Actionable Threat
IntelligenceBusiness
Contextualization
Security ArchitectureSIEM Deployment
Security Operations
Cyber Threat Intelligence
Risk Intelligence
Operational Excellence
Secure. Vigilant. Resilient.TM
7
Business Value Augmentation/In-sourced
Co-sourced Managed/Hybrid CIC
Model Deloitte resources work under client direction and supervision
Deloitte and client jointly responsible for plan and deliverables
Deloitte responsible for deliverables, working in collaboration with client
Deloitte assumes custodial responsibility of security infrastructure platforms & processes
Location Onshore and offshore Onshore and offshore Client coordination team on-site, rest of team work Onshore or offshore
Client coordination team on-site, rest of the team works offshore
Benefites Quick ramp-up suitable to handle fast turnaround jobs and filling skill gaps in existing client teams
Cost savings from leveraging Deloitte processes, committed process improvements
Cost savings from leveraging Deloitte processes and assets, commitment to schedules. Tools provided by Client
Cost savings from leveraging Deloitte processes and tools, committed service levels (including productivity gains) and schedules. MSSP or dedicated tools by Deloitte
Pricing Time and Material (T&M) T&M or fixed fee T&M or fixed fee Fixed or value based
Buy Skills Skills, delivery commitment, and process improvements
Committed outcomes Committed outcomes
CIC Operating ModelDeloitte provides flexibility in services and delivery models to meet your business and operational requirement:
Why choose DeloitteOur Cyber Risk Services practice is founded on Deloitte’s depth of experience in risk, regulation, and technology, helping you to do the following:
• Continuously advance your Secure.Vigilant. Resilient.TM program, regardlessof where you’re starting from, creatingan extensible foundation for futurecapabilities.
• Unify compliance and technology riskefforts to help you address regulatorymandates without losing sight of thelarger business risk issues.
• Achieve the fundamentals fasterquicker,leveraging our engagement accelerators,extensive industry experience, and deepcyber risk domain knowledge.
• Focus on what matters throughengagements that drive alignment to yourtop business risks, informed by currentawareness of the threat landscape.
• Support strategic business initiativesthrough integrated strategies to addressthe associated cyber risks.
Deloitte offers a complete portfolio of services to help complex organizations establish their cyber risk appetite, design and implement Secure. Vigilant. Resilient. programs, and assist in the ongoing management, maintenance, and adaptation of their programs as the business and threat environment change.
TM
Secure. Vigilant. Resilient.TM
8
Secure. Vigilant. Resilient.TM
9
Our Mission Our Capability Our Goals
Provide a client- centric cyber risk managed services with advance security platform and proven skills to deliver services.
• Global Capability: We bring Deloitte’sglobal network to every client.
• Global Research: We harness thestrength of our global research team.
• Risk focus: Deloitte’s approachunderstands the unique nature of cyberthreat monitoring based on businesscontext and applicable threats.
• Performance: We drive for excellencethrough verifiable processes, metrics,and measures.
• Solutions based: We provide a solutions- based service.
• Quality: We strive for the utmost quality.
• Transparency: We earn our client’sconfidence and trust through executionand transparency.
Fast facts
• Centre of Excellence (CoE) helpsstandardize our solutions delivery
• Experience with industry-provenmethodologies and tools
• Vendor-agnostic and tool-agnosticsolutions
• Cutting edge vulnerability researchcapabilities
• Breadth of experiences strategy,assessment, architecture, designand implementation of securitysolutions
• Ability to address core securitysolutions and key elements usingroot cause analysis
• Consistent and controlledapproach
• Adaptive, consultative, risk-basedsolution
• Clear articulation of business andtechnical risk
Secure. Vigilant. Resilient.TM
10
Key Contacts:Rohit MahajanPresident - Risk Advisory [email protected] Mumbai
Shree Parthasarathy Partner - Risk Advisory [email protected] Delhi
Anand Tiwari Partner - Risk Advisory [email protected] Delhi
Sandeep KumarPartner - Risk Advisory [email protected] Delhi
Secure. Vigilant. Resilient.TM
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see www.deloitte.com/about for a more detailed description of DTTL and its member firms.
This material is prepared by Deloitte Touche Tohmatsu India LLP (DTTILLP). This material (including any information contained in it) is intended to provide general information on a particular subject(s) and is not an exhaustive treatment of such subject(s) or a substitute to obtaining professional services or advice. This material may contain information sourced from publicly available information or other third party sources. DTTILLP does not independently verify any such sources and is not responsible for any loss whatsoever caused due to reliance placed on information sourced from such sources. None of DTTILLP, Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte Network”) is, by means of this material, rendering any kind of investment, legal or other professional advice or services. You should seek specific advice of the relevant professional(s) for these kind of services. This material or information is not intended to be relied upon as the sole basis for any decision which may affect you or your business. Before making any decision or taking any action that might affect your personal finances or business, you should consult a qualified professional adviser.
No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person or entity by reason of access to, use of or reliance on, this material. By using this material or any information contained in it, the user accepts this entire notice and terms of use.
© 2018 Deloitte Touche Tohmatsu India LLP. Member of Deloitte Touche Tohmatsu Limited
