Deloitte announced plans today to expand its cyber risk platform for end-to-end industrial control systems (ICS) and operational technologies (OT) security with next generation technology enabled by Dragos, a cybersecurity company focusing on securing ICS and OT networks.
NEW YORK, March 30, 2017 /PRNewswire/ — Deloitte announced plans today to expand its cyber risk platform for end-to-end industrial control systems (ICS) and operational technologies (OT) security with next generation technology enabled by Dragos, a cybersecurity company focusing on securing ICS and OT networks.
Digital transformation has resulted in greater interconnected advanced manufacturing and automation driven operations. Increased connectivity among industrial facilities, supply chains, customers, and operations brings with it new operational cyber risks and the potential for cyberattacks to have more extensive effects. Many organizations have started to focus on securing ICS and OT, but less so on monitoring emerging cyber threats. ICS and OT threat monitoring technology can facilitate a better understanding of the vulnerabilities embedded in these systems, thus allowing industrial concerns with such interconnected networks to gauge the likelihood of an event and adequately scenario plan.
Deloitte Risk and Financial Advisory Cyber Risk Services‘ end-to-end ICS offering, enabled by Dragos technology, can help organizations manage their cyber risks in the ICS and OT environments by using a combination of innovative cyber security products and services. This combination brings hunting and reconnaissance capabilities that now allow organizations to look beyond internal data to threat documentation found in external databases. Beyond securing ICS and OT systems, this combination of cyber risk services and technologies can provide a more complete picture of an organization’s ICS and OT threat landscape through active monitoring that can better inform scenario planning and response.
“Assessing the cyber risks of our clients’ ICS and OT, we see that many organizations are often unprepared for the magnitude of the impact to operational technology and industrial control systems environments” said Ed Powers, principal, Deloitte & Touche LLP, and U.S. leader for Deloitte Risk and Financial Advisory Cyber Risk Services. “A decision to include OT and ICS as a part of a broader cyber risk management program can improve a company’s understanding of the potential damage resulting from a cyberattack and can bolster the efficacy of its cyber risk mitigation strategy.”
Deloitte has made significant investments in ICS and OT related security services across a number of industry sectors including industrial products and services, chemical and specialty materials, automotive, oil and gas, power and utilities, and life sciences. Such investments are designed to help manage the risk of ICS and OT environments by enabling organizations to monitor and assess threats. Organizations can benefit from a better understanding of threats in this environment, which can then be used to develop and embed cybersecurity strategies into organizational and technology strategy.
“Cyber risk management is increasingly a reputational issue for many organizations,” said Chuck Saia, CEO of Deloitte Risk and Financial Advisory. “Faced with stakeholder expectations, executives are grappling with questions about their preparedness for a cyber incident. They’re wondering if they have the ability to respond and recover. And how it could impact their reputation. To address their cyber posture, many organizations are going on the offensive to add tech-enabled cyber risk management products and services.”
The Dragos Platform, Threat Operations Center, and intelligence team form an ecosystem of technology, people, and intelligence to safeguard industrial networks. The Dragos Platform is designed for industrial networks and provides visibility into the environment, detection of threats through behavioral analytics, and the automation of workflows including incident response data collection and analysis.
“There have been pockets of excellence around the community in industrial security leading practices. But the world is facing a more connected infrastructure and a more aggressive threat than we’ve seen in years past,” said Robert M. Lee, chief executive officer, Dragos. “Now is an important time to get the solution correct and that’s what the Dragos and Deloitte cooperation represents.”
Dragos is the leading ICS security firm in the world. Founded by world-recognized industrial control system security subject matter experts from the U.S. intelligence community, Dragos is an industrial cyber security company working to provide a comprehensive security ecosystem instead of a single product or service. The Dragos Platform offers customers a single pane of glass into their industrial environment with a heavy focus on data collection, baselining, anomaly detection, and workflow automation to ensure that even small teams can operate similar to fully staffed security operations centers.
Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world’s most admired brands, including 80 percent of the Fortune 500 and more than 6,000 private and middle market companies. Our people work across more than 20 industry sectors to deliver measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to make their most challenging business decisions with confidence, and help lead the way toward a stronger economy and a healthy society.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the “Deloitte” name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.