© 2010 Deloitte & Touche LLP The Cyber-Savvy Organization: 10 Steps to a New Cyber Mission Discipline May 2010.

Slides:

Advertisements

Similar presentations

Strengthening Your HR Capacity The Government of Canada Perspective

Advertisements

Chapter 3 E-Strategy.

3. Introduction to Strategic Information Systems Planning (SISP)

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.

It is Time to Respond! Progress Software Responsive Process Management Dr. M. A. Ketabchi Chief Strategist Office of CTO, Progress Software.

Copyright of Shell International May 2013 “BUILDING ENGAGING WORKPLACES TOGETHER” DIVERSITY & INCLUSION AT SHELL Deborah Green, Diversity Recruiter Colin.

The Military Challenge of Cyber AOC Talk on Cyber, EW and IO Dr Gary Waters, 17 April 2012.

1 Protecting the Long Island Business Community A Public Safety Partnership.

Missouri Enterprise Helping Missouri Manufacturers Make More, Sell More, Earn More Missouri Manufacturer Survey: The Top Ten Things You Told Us.

CTS Strategic Roadmap Walkthrough, v1.2 Dan Mercer.

Institutional Insurance: Creating a Comprehensive Campus-wide IT Security Risk Management Program Brian Davis IT Security & Policy Office of Information.

Cyber security – challenges and opportunities for business Business New Zealand AIG - 11 September 2014.

© QinetiQ North America, Inc QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most.

National Infrastructure Protection Plan

STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.

Rethinking Security to Enable Business LJ Johnson Nike’s Global Information Security Officer August 16, 2005.

Deerfield Beach Fort Pierce Jacksonville. Agenda Business Issues KAMM Capabilities KAMM Experience Why KAMM Business Issues KAMM Capabilities KAMM Experience.

Navigating the Maze How to sell to the public sector Adrian Farley Chief Deputy CIO State of California

Bill Newhouse Program Lead National Initiative for Cybersecurity Education Cybersecurity R&D Coordination National Institute of Standards and Technology.

New Opportunities for P3s on Military Installations NCPPP Conference July 2014 Barry Scribner Co-President, Public Institutions JLL.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Network Security Resources from the Department of Homeland Security National Cyber Security Division.

Introduction Challenges of Managing in a Network Economy.

1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

Homeland Security. Learning Topics Purpose Introduction History Homeland Security Act Homeland Defense Terrorism Advisory System Keeping yourself safe.

Dell Connected Security Solutions Simplify & unify.

Association of Defense Communities June 23, 2015

Australia Cybercrime Capacity Building Conference April 2010 Brunei Darussalam Ms Marcella Hawkes Director, Cyber Security Policy Australian Government.

1 Jim Devlin Comptroller of the Currency November 5, 2009 Data Breaches in Payments Systems -- Roles and Best Practices for the Public and Private Sector.

Salary Possibilities Newly assigned Special Agents start at a yearly salary of $43,441, or also recognized as a GS-10, plus multiple other pay increases.

1 © Material United States Department of the Interior Federal Information Security Management Act (FISMA) April 2008 Larry Ruffin & Joe Seger.

Catawba County Board of Commissioners Retreat June 11, 2007 It is a great time to be an innovator 2007 Technology Strategic Plan *

STRATEGIC INTELLIGENCE MANAGEMENT Chapter by Andrew Staniforth Chapter 17 - Securing Cyberspace: Strategic Responses for a Digital Age, Pg. 213.

Funding Information Systems

Larry Clinton Operations Officer Internet Security Alliance

EGovOS Panel Discussion CIO Council Architecture & Infrastructure Committee Subcommittee Co-Chairs March 15, 2004.

TDRp Implementation Challenges David Vance, Executive Director Peggy Parskey, Assistant Director October 23, 2014.

1 Power to the Edge Agility Focus and Convergence Adapting C2 to the 21 st Century presented to the Focus, Agility and Convergence Team Inaugural Meeting.

A global nonprofit: Focusing on IP Protection and Anti-Corruption Sharing leading practices based on insights from global companies, academics, organizations.

Latest Strategies for IT Security Margaret Myers Principal Director, Deputy CIO United States Department of Defense North American Day 2006.

Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.

ROLE OF ANALYTICS IN ENHANCING BUSINESS RESILIENCY.

Cyber Risks: Protecting confidential data against unauthorized access Vik Bansal Deloitte & Touche LLP John Reidhead State of Utah March 17, 2016.

Global Dialogue on Customs Capacity Building 04 April 2007 © 2007 IBM Corporation Benefits of Supply Chain Security and Trade Facilitation: The IBM Experience.

UNCLASSIFIED Lift the living standards and wellbeing of all Victorians by sustainably growing Victoria’s economy and employment and by working with the.

Cyber Security Phillip Davies Head of Content, Cyber and Investigations.

Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.

Attention CFOs How to tighten your belt and still survive May 18, 2017.

Information Technology Sector

U.S. COAST GUARD CYBERSECURITY POLICY and CYBERSECURITY PLANNING

Lead Strategic Decision Making With Service Portfolio Management

NIST Cybersecurity Framework

8 Building Blocks of National Cyber Strategies

Consulting Services for IoT

Managing Change and Other Keys to Successful Implementation

Cybersecurity at PJM Jonathon Monken

An Urgent National Imperative

Enterprise Cybersecurity Upgrade Initiation Department of Information Technology Maria Sanchez, Acting State CIO November 13, 2018.

© 2018 VynZ Research All rights reserved Get in Touch: Mobile Virtual Private Network (VPN) Market.

UW System Information Security

Cybersecurity ATD technical

Cloud adoption NECOOST Advisory | June 2017.

Refreshing New Zealand’s Cyber Security Strategy 2018

The State of Cybersecurity in State Government NAST March 26, 2019

MAZARS’ CONSULTING PRACTICE

THE CYBER LANDSCAPE UNCLASSIFIED CROSS DOMAIN NETWORK & INFO SHARING

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

Cybersecurity at PJM Jonathon Monken

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

Presentation transcript:

© 2010 Deloitte & Touche LLP The Cyber-Savvy Organization: 10 Steps to a New Cyber Mission Discipline May 2010

© 2010 Deloitte & Touche LLP 2

Expand Security Beyond IT Security as usual is security at risk. If cybersecurity is treated as an IT-only concern, such misperceptions could erode the cyber infrastructure over time and limit government to only incremental gains. Get everyone — CFO, CHCO, CAO, CIO, CISO, CTO, program leads, and others — at the table to back the business case, choose priorities, and drive change in their departments. 3 

© 2010 Deloitte & Touche LLP Treat Data as a Target Governments make attractive targets, prized for their vast stores of information, exploited for competitive, monetary, or adversarial advantage by organized cyber criminals and hostile nations. Understand the value of all your assets and quantify the potential implications of your priorities. No matter how your organization aims to strengthen its cyber posture — protect what matters most to the mission and preserve the public’s trust. 4 

© 2010 Deloitte & Touche LLP Set Cyber Performance Goals A cyber governance framework helps leaders see what cyber initiatives are successful — the first step toward establishing a performance-oriented, results-focused approach. Government organizations that can see what’s valuable to their people and programs will shorten their learning cycle and drive lasting change. 5 

© 2010 Deloitte & Touche LLP Automate Cyber Processes Embrace real-time prioritization and process automation to lock in efficiencies. Using existing technology to minimize costs, lag times, and disruption. Create a disciplined, repeatable, controls- based approach to reduce redundancy and rework and to free up resources to focus on the mission. 6 

© 2010 Deloitte & Touche LLP Expand Identity Management Know who you’re dealing with online without having to credential everyone. An identity credential and access management (ICAM) framework empowers agencies to protect personal identities and privacy as well as physical and “digital” facilities. As the agency grows, ICAM lets you expand partnerships and add services without more layers of security or more cost. 7 

© 2010 Deloitte & Touche LLP Cultivate Cyber Leadership CISOs, CTOs, and CIOs must become change agents to drive momentum in cyber initiatives. As agencies choose their own cyber leaders (or teams), it may not be who you expected. Look beyond functional and technology expertise when vetting new leaders — people and change management are critical to getting big things done. 8 

© 2010 Deloitte & Touche LLP Manage Risk All roads lead back to risk. Strong controls in one area don’t count if you are vulnerable somewhere else. A 360-degree view of your organization’s risks helps all departments make better decisions, set priorities, manage investments, and measure results. Risk-based decision support helps enhance security and improve performance, while lowering costs. 9 

© 2010 Deloitte & Touche LLP 10 Move to a Faster Tempo Agencies must hone situational awareness. Develop predictive tools to synthesize threat intelligence and quickly translate into actionable operations around current and emerging risks. More than just speed, a cyber-savvy government organization is agile — whether it’s tackling changing cyber threats or agency missions. 

© 2010 Deloitte & Touche LLP 11 Cultivate Workforce Resiliency Dedicate resources to enhance the awareness and level of vigilance of the workforce to recognize the potential risks, threats and vulnerabilities when working in cyberspace. Develop a cyber-savvy workforce that is cognizant of their own actions and activities that could pose a risk working in cyberspace and recognize the patterns of behavior of others who could risk exploiting assets and information 

© 2010 Deloitte & Touche LLP Define Your Enterprise Broadly Baseline who is working for you and with you — from employees to contractors. Think outside your network, too. Cyber-deterrence compels agencies and nations to establish public-private partnerships with new, non-traditional partners. Follow the flow of information in- and outside of your organization to identify vulnerabilities; strengthen every link in the chain. 12 

© 2010 Deloitte & Touche LLP Questions? 13