Cyberthreats are assymetric risks: corporate defenders must secure and detect everything, but the attacker needs to exploit only once. As petabytes of data traverse the ecosystem, legacy data protection methods leave many gaps. By looking through the adversary’s eyes, you can create subterfuges, delay attack progress or reduce the value of any data ultimately accessed—and shift the risk equation.
(Source : RSA Conference USA 2017)
5. #RSAC
Why demand for data-centric protection
continues to grow
1. Forbes, “Cybersecurity Market Reaches $75 Billion In 2015”
2. Verizon, 2016 Data Breach Investigations Report
3. Symantec, Internet Security Threat Report 2016
4. Ponemon Institute, 2015 Cost of a Data Breach
Projected total cost of cyber
security in 20151
~$75 Billion
Number of records
breached in 20153
429 Million
Estimated yearly total cost
from breaches4
~107 Billion
Number of data breaches
reported in 20152
2,260 Breaches
6. #RSAC
2 Business and technology innovation
Innovations are creating additional cyber risk for organizations,
such as moving mission critical applications to the cloud.
The average company now uses:
738cloud services6
6,488 security vulnerabilities7 were added to the National
Vulnerability Database (NVD) in 2015, an average of 17 new
vulnerabilities each day:
Why the breaches haven’t stopped … and won’t
1Explosive data growth…
Data is doubling in size every two years and by 2020, it will
reach 44 zettabytes55
20202013 4.4 ZB 44 ZB
6 Underestimating the adversaries
Organizations fail to recognize/understand the external threat
actors and adversaries trying to access their crown jewels
4 Compliance versus risk-focused mindset
Cyber security standards, laws, and regulations cannot keep up with both business
and technological change and your evolving adversaries.
2014 2015
5 Consistently failing to implement security fundamentals
Many companies lack fundamental data protection capabilities.
99.9% of exploited vulnerabilities were compromised more than a year
after the CVE was published8.
5. “The Digital Universe of Opportunities: Rich Data and the Increasing Value of the Internet of Things”, EMC Digital Universe with
Research & Analysis by IDC
6. 12 Must-Know Statistics on Cloud Usage in the Enterprise”, Skyhigh
7. National Vulnerability Database (NVD)
8. Verizon, “2015 Data Breach Investigations Report”
3 Technology flawed by design
~1,300 breaches4 ~2,100 breaches8
23. #RSAC
Questions
23
111 S Wacker Dr.
Chicago, IL 60606-4301
Dan Frank
Principal | Deloitte Advisory
Cyber Risk Services
Deloitte & Touche LLP Tel: +1 312 401 0125
danfrank@deloitte.com
1919 N Lynn St.
Arlington, VA 22209
Craig Astrich
Managing Director | Deloitte Advisory
Cyber Risk Services
Deloitte & Touche LLP Tel: +1 202 256 7405
castrich@deloitte.com
This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial,
investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it
be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business,
you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation.
About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms,
and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”)
does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that
operate using the “Deloitte” name in the United States and their respective affiliates. Certain services may not be available to attest clients under the
rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.