Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Deloitte - Cyber Crime - 2010

Deloitte - Cyber Crime - 2010

Ratings: (0)|Views: 452 |Likes:
Published by lacengear

More info:

Published by: lacengear on Feb 14, 2010
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





Center for Security & Privacy Solutions
Cyber crime: a clearand present dangerCombating the astest growingcyber security threat
3 Introduction5 Cyber crime update7 Deloitte’s view o the cyber crime scene8 Deloitte’s interpretation o survey ndings10 The ocus obscures the view11 Shiting the basic approach12 Developing “actionable” cyber threat intelligence14 Benets o a risk-based approach15 Summing up the cyber crime dilemma
Cyber crime: A clear and present danger
Combating the astest growing cyber security threat
As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary o Deloitte LLP.Please see www.deloitte.com/us/about or a detailed description o the legal structure o Deloitte LLP and its subsidiaries.
Threats posed to organizations by cyber crimes haveincreased aster than potential victims—or cyber securityproessionals—can cope with them, placing targetedorganizations at signicant risk. This is the key nding oDeloitte ’s review o the results o the 2010 CSOCyberSecurity Watch Survey, sponsored by Deloitte andconducted in collaboration with
CSO Magazine
, the U.S.Secret Service, and the CERT Coordination Center atCarnegie Mellon (see sidebar on page 4).This whitepaper reports several key results o this surveyand Deloitte’s interpretation o key survey results. By itsnature, interpretation goes beyond simple reporting oresults (which is not our goal here) and may promptdisagreement or even controversy. Deloitte believeshowever, that some o the ndings point to signicantincongruities between the views o many surveyrespondents and the current reality o cyber crime. Giventhat the survey respondents include mainly executives andproessionals responsible or the security o theirorganizations’ IT environments, such incongruities areworth examining.Our view is that the growth o the threat o cyber crimehas outpaced that o other cyber security threats. Fromour perspective, the 2010 CSO CyberSecurity WatchSurvey, viewed in the light o our experience, indicates thatcyber crime constitutes a signicantly more common andlarger threat than respondents recognize. Indeed, drivenby the prospect o signicant prots, cyber crimeinnovation and techniques have outpaced traditionalsecurity models and many current signature-baseddetection technologies.Today’s cyber criminals are increasingly adept at gainingundetected access and maintaining a persistent,low-prole, long-term presence in IT environments.Meanwhile, many organizations may be leaving themselvesvulnerable to cyber crime based on a alse sense osecurity, perhaps even complacency, driven by non-agilesecurity tools and processes. Many are ailing to recognizecyber crimes in their IT environments and misallocatinglimited resources to lesser threats. For example, manyorganizations ocus heavily on oiling hackers and blockingpornography while potential—and actual—cyber crimesmay be going undetected and unaddressed. This hasgenerated signicant risk exposure, including exposure tonancial losses, regulatory issues, data breach liabilities,damage to brand, and loss o client and public condence.

Activity (16)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
rizki_dewantara liked this
sathiskumarBE liked this
ElfiPatel liked this
somenath_singh liked this
kalyankalyan liked this
cybertheorist liked this
iliarapo liked this
gertd liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->