Deloitte: For CyberSecurity – Offense Can Be the Best Defense

As 2016 begins, organizations are going on the offense to combat cyber threats, according to a report this month by Deloitte LLP.  Companies and government agencies are no longer satisfied with simply "locking the doors" where cybersecurity is concerned, said the 2016 Deloitte Analytics Trends report.

Tags: algorithms, analytics, CISO, cybersecurity, data breech, data scientists, Deloitte, hacker, IT operations, monitoring, predictive analytics, rules, scanning, security, threat intelligence,

 

As 2016 begins, organizations are going on the offense to combat cyber threats, according to a report this month by Deloitte LLP.  Companies and government agencies are no longer satisfied with simply "locking the doors" where cybersecurity is concerned, said the 2016 Deloitte Analytics Trends report.

“Organizations with a sophisticated approach to cybersecurity are no longer satisfied with locking the doors after the robbery has been committed. [They] are beginning to employ more predictive approaches to threat intelligence and monitoring—in short, going on the offensive,” the Deloitte report found.

 

Guarding against cyber threats, which can lead to losses to corporate value and reputation, means more than protecting data, the report added.  “Product design and other IP are also vulnerable to theft and sabotage,” it found.

 

In this broader context, Deloitte’s report notes “going on offense” includes several approaches, including.

  • Automated scanning of Internet “chatter” by far flung groups and individuals who may intend cyber harm.
  • Analyzing past hacks and breaches to create predictive models of which threats are likely to surface next.
  • Systematic and continuous probing of the organization’s own defenses to make sure that others don’t find a security hole first.

 

"By going on the offensive with issues such as cybersecurity, organizations are making a strategic shift in the way they operate,” said John Lucker a principal with Deloitte Consulting LLP in a statement. "Business leaders continue to face many varying challenges and opportunities, and staying ahead of these trends will have a lasting impact on how their organizations will operate in the future.” 

 

Deloitte points out the financial services industry worldwide was expected to spend $27.4 billion on information security and fraud detection in 2015, according to estimates by International Data Corporation.

 

To get an insight into these spending strategies, Deloitte cites the head of security at an unidentified financial firm

“We’re really moving toward anticipating and predicting threats. We’re also trying to understand the threat landscape in different parts of the world—which is where external data and analytics come in,” this expert said.  To accomplish these goals, the firm is using an array of options including: rule-based technologies; advanced math and algorithms; models and analytics tools to analyze human behavior data from social media (and other external channels).

Even as going on offense against cyber threats sounds more appealing to more organizations, Deloitte also warns that getting up to speed to better predict threats will also mean they will likely need to recruit new talent.  

 

“Companies adopting these types of offensive steps will no doubt find that they need new capabilities. Many cyber professionals don’t have the skills to do predictive threat intelligence or predictive analysis of past breaches,” the report noted. “At the very least, extensive collaboration between analytics and cyber professionals may be required.”  

 

Deloitte’s report shares one last -- and very telling -- observation about why ‘going on offense’ against cyberthreats may prove increasingly important: “The problem is likely to grow as cybercriminals become more skilled in infiltrating technology architectures and systems that weren’t designed from the ground up through a security lens,“ it predicted.




back