for the ciso: continuous cyber attacks - achieving operational excellence for the new normal
TRANSCRIPT
Copyright © 2016 Accenture. All rights reserved.
Strategy and technology alone do not guarantee an effective cyber defense
The best strategy, supported by the latest technology, can fail if not executed properly.
Risks to effective cyber defense include:
•Increased exposure to attack (cloud, Internet of Things, connected devices)
•High turnover within security team
•Lack of visibility to critical assets
•Frequent IT changes not communicated
•Length of time taken to detect breaches
Copyright © 2016 Accenture. All rights reserved.
Shortage of critical technologies and skills hamper organizations’ security approach• Operations lack rigor and consistency
• Stakeholders remain unaware of their vulnerability
• Employees don’t follow standard security practices
• Security work generates “noise” that masks valid threats
• Out-dated tools and processes can limit effectiveness of the security team
Copyright © 2016 Accenture. All rights reserved.
Drive improved security operations from actionable threat intelligence
Steps that can create security operational excellence:
1.Assess effectiveness of current security processes
2.Invest in attracting and retaining skilled security talent
3.Automate intelligently to leverage scarce resources
4.Understand how threat data pertains to the business
5.Identify what isn’t known
6.Create a plan to address knowledge gaps
7.Find an effective sparring partner to improve security capabilities
Copyright © 2016 Accenture. All rights reserved.
Cyber defense strategies and supporting technology will only work if executed properly
Leading organizations focus on creating a highly efficient operating model that balances security operations, new technology implementation, testing of security posture and feedback to update defenses.
Strategy & Business Alignment
Assessment & Architecture
Governance, Risk & Compliance
People & Culture Change
Application & Data Security
Platform & Infrastructure Security
Digital Security
Vulnerability Management & Threat Intelligence
Advanced AdversarySimulations
Security Monitoring
Cyber ThreatAnalytics
Incident Response
Remediation
Copyright © 2016 Accenture. All rights reserved.
Achieving operational excellence in cyber defense requires a comprehensive approach
Our model helps organizations prepare and protect for threats, defend and detect breaches, and then respond to and recover from incidents.
Strategy & Business Alignment
Assessment & Architecture
Governance, Risk & Compliance
People & Culture Change
Application & Data Security
Platform & Infrastructure Security
Digital Security
Vulnerability Management & Threat Intelligence
Advanced AdversarySimulations
Security Monitoring
Cyber ThreatAnalytics
Incident Response
Remediation
Copyright © 2016 Accenture. All rights reserved.
Start with a big-picture strategy of how security supports business performance
• Forward-thinking capabilities to help scale activities
• IT strategy that provides greater understanding of assets, data sets, technical and business functions
Strategy & Business Alignment
Assessment & Architecture
Governance, Risk & Compliance
People & Culture Change
Application & Data Security
Platform & Infrastructure Security
Digital Security
Vulnerability Management & Threat Intelligence
Advanced AdversarySimulations
Security Monitoring
Cyber ThreatAnalytics
Incident Response
Remediation
Copyright © 2016 Accenture. All rights reserved.
Forward-thinking capabilities help scale activities effectively
• High-powered analytics to predict and detect incidents, and identify behavior changes that indicate security risks
• Emphasis on visualization to identify anomalies
Strategy & Business Alignment
Assessment & Architecture
Governance, Risk & Compliance
People & Culture Change
Application & Data Security
Platform & Infrastructure Security
Digital Security
Vulnerability Management & Threat Intelligence
Advanced AdversarySimulations
Security Monitoring
Cyber ThreatAnalytics
Incident Response
Remediation
Copyright © 2016 Accenture. All rights reserved.
Concentrate on intelligent incident response
• Platforms that guide operators in hunting for threats
• Train the same way the company fights attackers, to prepare for real-world adversaries
Strategy & Business Alignment
Assessment & Architecture
Governance, Risk & Compliance
People & Culture Change
Application & Data Security
Platform & Infrastructure Security
Digital Security
Vulnerability Management & Threat Intelligence
Advanced AdversarySimulations
Security Monitoring
Cyber ThreatAnalytics
Incident Response
Remediation
Powerpoint Title
The goalCreate a highly efficient operating model that balances security operations, new technology implementation, testing of security posture and feedback to update defenses.
Powerpoint Title
Thank YouPlease visit Accenture.com/CyberDefensePlanfor additional information.
#CyberDefense
Follow us on Twitter @AccentureSecure
About AccentureAccenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions—underpinned by the world’s largest delivery network—Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With approximately 373,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.
Accenture, its logo, and High performance. Delivered. are trademarks of Accenture.Copyright © 2016 AccentureAll rights reserved.