Is the answer to cybersecurity more technology, more people or more process?

Transcription

1 Is the answer to cybersecurity more technology, more people or more process? Cybersecurity can only be addressed by combining technology and business acumen with unique human insights. ey.com/betterworkingworld #BetterQuestions

2 Risk Our cyber capabilities EY Cyber s mission is to build a more secure and trusted working world. Cybersecurity is not just a technology or risk issue. It s a strategic business imperative. That s why we bring a cross-functional team of cybersecurity professionals, business advisors, investigators, and technical and IT risk practitioners to help you tackle your biggest challenges. Being resilient Building trust With digital and geopolitical threats increasing, businesses need more than an off-the-shelf security solution or basic risk mitigation to protect critical assets. These threats expose the real reputational and financial risks your organization faces. Ernst & Young LLP has invested heavily in infrastructure, technology and talent to help you operate your business, and capitalize on opportunities while under attack and manage your risk profile. Our Cyber practice unites talents from both the public and private sector, including the National Security Agency (NSA), the Central Intelligence Agency (CIA), the US Air Force, the US Marines, the Federal Bureau of Investigation (FBI) and leading technology companies all over the world. To thrive, you need the ability to adapt. That means embedding cybersecurity resilience everywhere at every level of your organization. It s the intersection of business strategy, risk management, digital evolution, real-time operations, technology innovation and predictive analytics that allows you to prioritize the right decisions, faster! Having experience in your industry allows us to understand the specific challenges you face in protecting your business. Our global ecosystem of talent, strategic alliances, intellectual property, managed services and technologies means we bring the right insight at the right time. While complexity increases every day, we continue to collaborate with you to give your organization real-time agility and resilience against cybersecurity threats while enabling growth and opportunity. Digital and Analytics Security Analytics Data, Identity, Behavioral and Cogitative Internet of Connected Things Security Operational Technology Security Internet of Things (IoT) Security Cloud and Mobility Security Digital Trust Data Identification and Protection Social Media Security Digital Identity Security Cyber Operations Defense and Response Threat Detection and Response Management Incident Response Threat Intelligence Active Defense (Hunting) Red Team Security Operations Threat Exposure Management Software Security Service Product Security Vulnerability Identification and Management Governance and Compliance Cyber-as-a-Service Offerings Cyber Regulations, Privacy and Threat Detection and Response Monitoring Compliance Program Development and Security Operations Monitoring Service Improvement Insider Threat Monitoring Service Assessments Cloud Security Monitoring Service Cyber Governance and Policy Threat Exposure Monitoring Software Security Monitoring and Identity and Privileged Protection Regulatory Inventory and Data Vulnerability Identification Scanning and Classification Protection Service Privacy Assurance Internet of Connected Things Monitoring and Protection Data Identification, Protection and Monitoring Identity and Access Monitoring Strategy and Architecture Architecture and Design Identity, Data, Threat Strategic Assessment and Program Countermeasure Assessment Technology Strategy Assessment Strategic Intelligence Program Business Risk Strategy Analytics Strategy Operations Strategy Identity Strategy Cyber Acceleration Security Training and Awareness Performance Management Technology and Innovation Cyber Innovation Insider Threat Identification Service Medical Device Vulnerability Identification Service Autonomous Car Vulnerability Identification Cyber Orchestration and Robotics Advanced Malware Detonation Cyber Technology Ecosystem Microsoft Security IBM Security SAP Security GE Digital Security Cisco Security Advanced Technology Implementation Security 2

3 Cyber Digital and Analytics Cyber Defense and Response Digital is poised to redefine the human-to-business experience. Digital solutions are creating new economies, new communities, new processes a new normal expectation. Designed to eliminate corporate boundaries by embracing analytics and machine learning, mobile, cloud, and the Internet of Connected Things, digital solutions have the ability to predict, detect and respond to needs without conscious intervention. Cyber Defense and Response services delivered through advanced security centers (ASCs) help clients thwart, detect and respond to real-world attacks and improve their overall cybersecurity posture. Data identification and protection Securing data throughout the digital experience is critical to achieving the expected value. Evaluating existing applications and deploying new ones that detect, prevent and report suspicious activities can help manage the risk associated with digital data. Digital identity and access Next-gen identity and access management accelerates productivity, improves end-user digital experience and decreases cost of ownership. Anyone, anywhere, any device, anytime. 5 Software and product security Enabling security throughout the software development life cycle. 4 6 Digital Trust model components 1 Analytics Modeling and deploying descriptive, diagnostic and predictive analytics provide insights in real time to detect and respond to digital risks. 3 2 Cloud and mobility Secure solutions throughout the life cycle include readiness evaluations, secure design, development, governance and transition to operations. Internet of Connected Things (ICT) From connected devices to embedded sensors, our ICT services identify vulnerabilities and risks; support the design and development of secure solutions; and provide comprehensive digital security operation center support. Time to detect Our vision is that the initiation and integration of the components of our framework provide our clients with relevant and actionable insight. These services can be delivered through a traditional advisory approach or as a managed service offering through Cyber-as-a-Service. Time to fix The digital transformation of IT and business into new markets like cloud, mobile, ICT and social media has opened new security weaknesses in your environment. How can you identify and manage the risk associated with your digital strategy? How can you prevent, detect and respond in minutes? Analytics Advanced cybersecurity analytics will help your organization develop predictive capabilities and give you visibility into the dark spaces of your network. Cloud and mobility Internet of Connected Things As the digital Computing hardware transformation gets smaller, and continues to accelerate, every device becomes cloud and mobile connected. adoption is the How are you first platform to be maintaining your leveraged. security posture How are you during this type of maintaining security adoption? over these platforms? Social media Social media is being leveraged by more organizations every day and by more malicious actors every day. How do you protect your data over these platforms? Digital identity and access management The organization becomes compromised, and malicious actors steal your credentials. How do you manage and protect your credentials over the cloud? Data identification and protection Organizations continue to leverage and expand their data repositories. How are you maintaining security awareness and protection of all your critical data? Cyber threat intelligence Cyber threat intelligence informs decision-makers and security teams by quantifying and qualifying threats in cyberspace. Security monitoring Detect and respond to attacks before critical company services are disrupted or high-value assets are compromised. Incident response Prepare for the inevitable attack and manage the aftermath of an incident or data breach. Vulnerability management Identify and manage security vulnerabilities across deployed technologies for timely remediation. Vulnerability identification Provide a simulated test and help assess the extent to which the organization is vulnerable. Software security Proactively identify and remediate security vulnerabilities during the software development life cycle. 3 EY Cybersecurity 4

4 Cyber Strategy and Architecture Cyber Operations Cybersecurity is a top risk for companies, but it s too often addressed tactically and reactively. Our Cyber Strategy and Risk services allow our clients to build a strategy and cyber function that is aligned with their business objectives. It is data-driven and provides a sustainable and defensible cyber capability. You understand your business better than anyone else. It is only logical that you decide how to increase security. We provide options to help you build, co-source or buy capabilities. We believe an effective solution is a tool that should integrate and not dictate. Spending needs to be aligned to mitigate the risks that matter most. We provide peer comparison benchmarking and analyticsdriven decision support for where the next incremental dollar should be spent to maximize impact. Our clients should be focused on taking risks to grow their business via new products and markets without undue focus on cyber. Training Performance Assessment Strategy and Architecture Architecture Acceleration Transformation We codevelop strategies and organizations to empower business growth by mitigating risks that could disrupt the achievement of business goals. Our focus on data-driven analytics provides our clients with real-time performance management capabilities via dashboarding and continuous monitoring. Management and the board can understand how their investments in cyber are producing real risk reduction. Speed to maturity Ability to move your program up the maturity curve rapidly with proven methodologies, processes and technology Lower start-up costs No need for you to invest significant staff and upfront capital to increase maturity and capabilities Scalable service Meets changing resource bandwidth requirements without locking in full-time resources, leveraging economies of scale where practical Analytics Benefits of EY s Cyber-as-a-Service Management Identity and Access Data Protection CaaS Automation Threat Detection and Response Threat Exposure Management Intelligence Access to specific, scarce skill sets Resources offer sectorspecific knowledge and multidisciplinary experience Access to global resources Facilitates localized knowledge (languages, geographies) Freed-up resources Facilitates resource redeployment to focus on other value-added activities to manage your business Proven tools and methodologies Enables repeatable and efficient security management activities How do you build security into all lines of business? How do you scale and increase security situational awareness with limited people? Program assessment Evaluating the current capability of the cyber function through analytics and process maturity Strategy and road map development Defining the cyber function s ability to appropriately and sustainably protect business and information assets Program co-sourcing and transformation Providing services and surge staffing support to effect a sustainable cyber program transformation Program analytics and executive reporting Enable data-driven continuous monitoring of the cyber function and its ability to meet changing business and threat conditions Threat Detection and Response identifies and remediates threats before high-value assets are affected. Automated detection lowers incident investigation costs. Threat Exposure Management proactively discovers and remediates vulnerabilities. Ninety-nine percent of exploits are through vulnerabilities that have been published for over a year. This service reduces the likelihood of an exploit and mitigates the risk of a cyber breach. Identity and Access Management promotes controlled access to resources. User provisioning is automated. Spending becomes more predictable. Cost of ownership is lowered. Data Protection guards critical and sensitive data. Round-the-clock data loss monitoring and response capabilities protect against a breach. 5 EY Cybersecurity 6

5 Cyber Governance and Compliance Cyber Technology and Innovation Cyber-related regulatory and compliance requirements are expanding well beyond industry-specific mandates. EY Cyber continues to develop and work with the most cutting-edge and innovative companies in the cyber ecosystem to bring a new level of experience and provide innovative offerings to our clients. Program Maturity and Risk Management Compliance Requirements Internal Audit Vendor Assessments Personal Information Inventory and Data Flow Personal Information Inventory Personal Information Flow Documentation Privacy Program Development and Improvement Program Strategy and Development Policy Development Compliance and Monitoring *GDPR = Global Data Privacy Regulation CBPR = Cross Border Privacy Rules FISMA = Federal Information Systems Management Act FedRAMP = Federal Risk and Authorization Management Program DFARS = Defense Federal Acquisition Regulation Supplement EY Cybersecurity EY Cyber Alliance Ecosystem An y Cloud Identity tw o Application ry Network st ne rk A ny i n du How do you leverage innovative technology to reduce risk, increase visibility and build efficiencies? Privacy Assurance Privacy SOC 2/3 Other attestation reports Microsoft/EY Joint IBM/EY Joint RSA and EY Joint GE Digital and EY Joint Enterprise Threat Detection Advanced Threat Analytics Identity Access Management Operational Technology Security Trusted Cloud Endpoint Security IoT Security Threat Analytics Cloud and Mobile Security Advanced Cyber Defense Secure Modern Enterprise Application Security Secure Development Lifecycle 7 Endpoint Mobile t How do you keep up with the ever-changing regulatory landscape? Privacy Assessments y location An Re e Data y a n d i m pl Any d y person An i a te n me Reporting Communicate the entity s level of compliance to interested parties assurance management activities ntext co An ed I m p ro v e Implementation Assist the entity in defining and standing up programs that are responsive to its regulatory and compliance requirements ice ev ss se e As aluat Ev te em R Remediation Help the entity address areas of concern with its program and help the entity better understand: (1) the type of information accumulated, (2) the flow of the information throughout the entity, (3) the processing of information and (4) the adequacy of controls over information retained on its systems Comm por un t ica GDPR, CBPR, FISMA, FedRAMP, DFARS* Assessment Provide management with insights into the maturity of its programs and approaches for transforming identified areas of concern Fraud Protection Log and Packet Analysis Governance and Compliance SAP and EY Joint SAP Security Architecture and Assessment SAP Security Vulnerability Identification and Health Check Cisco and EY Joint Cyber Resilient Endpoint Security Network Security Web Security Security IR Strategic Recovery 8

6 Why EY Cybersecurity Areas of focus Trusted and knowledgeable Fusing strategy, financial, risk and operations in your business Business and technical advisors Translating cybersecurity into your business language and aligning it with your business strategy Industry-focused experience Possessing deep Industry knowledge and experience Broad global perspective Bringing insights across all business lines Connected and scalable Benefiting from an ecosystem of cybersecurity talent, local to your global teams risk management cybersecurity compliance implementation architecture advanced protection forensics digital threat intelligence technology insider threat operation technologies hunting boards strategy active defense operations transformation IAM DLP incident response analytics cybercrime data IoT detection software security innovations vulnerability management investigation red teaming privacy maturity EY is well-known for employing a diverse and deep bench of cyber talent. We ve brought in highly experienced professionals from some of the largest technology companies in the world and paired them with executives from the most pioneering technology startups. We combine that with leaders who have served in the public sector through the FBI, the CIA, Homeland Security, and the US Army, Air Force and Marines. Our ecosystem of talent allows us to bring broad perspective, deep experience and innovative strategies. Military Law enforcement Government Industry Technology 9 EY Cybersecurity 10

7 EY Cybersecurity size and scale Gartner, Inc. has ranked EY second in worldwide market share in the information security consulting market, based on total revenue for Source: Gartner Market Share Analysis: Security Consulting, Worldwide, 2015, 22 April 2016, G EY Cyber locations Forensic evidence labs Advanced security centers Forensic data centers Cyber defense operations centers Chicago San Jose Los Angeles New Mexico Mexico City Bogota Lima Santiago Dallas San Antonio Houston Amsterdam Brussels Paris London Manchester Dublin Madrid Toronto Boston Secaucus New York Washington, DC Ashburn São Paulo Buenos Aires Saarbrücken Düsseldorf Oslo Frankfurt Stuttgart Zürich Chennai Hyderabad New Delhi Dubai Tel Aviv Johannesburg Durban Cape Town Vilnius Moscow Warsaw Prague Vienna Budapest Istanbul Beijing Seoul Tokyo Shanghai Hong Kong Hanoi Kuala Lumpur Singapore Manila Jakarta Perth Auckland Adelaide Melbourne Brisbane Sydney Number of countries 150 Gartner-rated cybersecurity leader #2 Cybersecurity practitioners globally 7,000 Cybersecurity Ventures #1 World s Hottest Cybersecurity Consultant* * Among the Big4 organizations EY Cybersecurity rated #1 and overall rated #15 globally 11 EY Cybersecurity 12

8 Industry depth Wealth and asset management Health Today s threat landscape is ever-changing and requires our vigilance and resilience. That is why EY remains committed to building a more secure working world by investing in our leading-class cyber practice. Barbara O Neill EY Global Chief Information Security Officer Consumer products and retail Life sciences Automotive and transportation Diversified industrial products Media and entertainment Government Insurance Power and utilities Real estate, hospitality and construction 13 EY Cybersecurity Technology Banking and capital markets Oil and gas 14

9 Alliances and innovation At EY, we understand the challenges that our clients face, and we are always looking for new innovative ways to leverage technology to drive a new result to a difficult challenge. Chad Holmes Strategy, Innovation and Growth Leader A vibrant alliances ecosystem Alliance relationships are at the heart of EY s ability to address the most relevant and significant issues our clients face today including cybersecurity. For example, our relationship with Los Alamos National Laboratory delivers some of the most advanced behavioral cybersecurity tools available to the commercial market. Cyber innovation Every day, EY Cyber is working to help our clients solve some of their largest challenges. Whether it s maximizing their cyber investment, building technology to aid automation or creating new methodologies for securing emerging technology such as autonomous cars, EY is here to help. Autonomous cars Sustainable cyber innovation Medical devices How do you transform to address the digital market without losing your security posture? How do you continue to innovate and stretch toward what is possible? EY Cyber can help with business models and experiences; develop and co-create concepts; pilot ideas at a small scale; and research and fashion technologies and techniques that drive the future of cybersecurity. Virtual and augmented reality Automation and robotics How do you build robotics around your ecosystem of security vendors? How do I maximize throughput, quality and total cost? 15 EY Cybersecurity 16

10 Notes 17 EY Cybersecurity 18

11 We re not only accountants. We re trusted advisors who understand how cybersecurity risks can impact your financials and your organization. Having business advisors, integrators, operators and strategists on staff, we can help you build cyber awareness and resilience at every level of your organization. As technology and cyber professionals adept at both IT infrastructure and digital trends, we are the ones to help you ask and answer the better questions needed to capitalize on your business opportunities while negotiating the threat landscape. Americas Cybersecurity Leader Bob Sydow EY Assurance Tax Transactions Advisory About EY EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities. EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com. Ernst & Young LLP is a client-serving member firm of Ernst & Young Global Limited operating in the US Ernst & Young LLP. All Rights Reserved SCORE No US Find out more Contact EY Cybersecurity cybersecurity@ey.com Americas Cybersecurity Leadership Team Chad Holmes Cyber Strategy, Innovation and Growth Leader chad.holmes1@ey.com Henry Burgess Cyber Operations Leader henry.burgess@ey.com Terry Jost Cyber Demand Leader terry.jost@ey.com Ertem Osmanoglu Cyber Supply Leader ertem.osmanoglu@ey.com ED None This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax or other professional advice. Please refer to your advisors for specific advice. ey.com Authored by Chad Holmes at chad.holmes1@ey.com