Download presentation
Presentation is loading. Please wait.
Published byShelby Blatchford Modified over 9 years ago
1
© 2010 Deloitte & Touche LLP The Cyber-Savvy Organization: 10 Steps to a New Cyber Mission Discipline May 2010
2
© 2010 Deloitte & Touche LLP 2
3
Expand Security Beyond IT Security as usual is security at risk. If cybersecurity is treated as an IT-only concern, such misperceptions could erode the cyber infrastructure over time and limit government to only incremental gains. Get everyone — CFO, CHCO, CAO, CIO, CISO, CTO, program leads, and others — at the table to back the business case, choose priorities, and drive change in their departments. 3
4
© 2010 Deloitte & Touche LLP Treat Data as a Target Governments make attractive targets, prized for their vast stores of information, exploited for competitive, monetary, or adversarial advantage by organized cyber criminals and hostile nations. Understand the value of all your assets and quantify the potential implications of your priorities. No matter how your organization aims to strengthen its cyber posture — protect what matters most to the mission and preserve the public’s trust. 4
5
© 2010 Deloitte & Touche LLP Set Cyber Performance Goals A cyber governance framework helps leaders see what cyber initiatives are successful — the first step toward establishing a performance-oriented, results-focused approach. Government organizations that can see what’s valuable to their people and programs will shorten their learning cycle and drive lasting change. 5
6
© 2010 Deloitte & Touche LLP Automate Cyber Processes Embrace real-time prioritization and process automation to lock in efficiencies. Using existing technology to minimize costs, lag times, and disruption. Create a disciplined, repeatable, controls- based approach to reduce redundancy and rework and to free up resources to focus on the mission. 6
7
© 2010 Deloitte & Touche LLP Expand Identity Management Know who you’re dealing with online without having to credential everyone. An identity credential and access management (ICAM) framework empowers agencies to protect personal identities and privacy as well as physical and “digital” facilities. As the agency grows, ICAM lets you expand partnerships and add services without more layers of security or more cost. 7
8
© 2010 Deloitte & Touche LLP Cultivate Cyber Leadership CISOs, CTOs, and CIOs must become change agents to drive momentum in cyber initiatives. As agencies choose their own cyber leaders (or teams), it may not be who you expected. Look beyond functional and technology expertise when vetting new leaders — people and change management are critical to getting big things done. 8
9
© 2010 Deloitte & Touche LLP Manage Risk All roads lead back to risk. Strong controls in one area don’t count if you are vulnerable somewhere else. A 360-degree view of your organization’s risks helps all departments make better decisions, set priorities, manage investments, and measure results. Risk-based decision support helps enhance security and improve performance, while lowering costs. 9
10
© 2010 Deloitte & Touche LLP 10 Move to a Faster Tempo Agencies must hone situational awareness. Develop predictive tools to synthesize threat intelligence and quickly translate into actionable operations around current and emerging risks. More than just speed, a cyber-savvy government organization is agile — whether it’s tackling changing cyber threats or agency missions.
11
© 2010 Deloitte & Touche LLP 11 Cultivate Workforce Resiliency Dedicate resources to enhance the awareness and level of vigilance of the workforce to recognize the potential risks, threats and vulnerabilities when working in cyberspace. Develop a cyber-savvy workforce that is cognizant of their own actions and activities that could pose a risk working in cyberspace and recognize the patterns of behavior of others who could risk exploiting assets and information
12
© 2010 Deloitte & Touche LLP Define Your Enterprise Broadly Baseline who is working for you and with you — from employees to contractors. Think outside your network, too. Cyber-deterrence compels agencies and nations to establish public-private partnerships with new, non-traditional partners. Follow the flow of information in- and outside of your organization to identify vulnerabilities; strengthen every link in the chain. 12
13
© 2010 Deloitte & Touche LLP Questions? 13
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.