
Holistic Cyber Risk Management Program Must “Predict and Prevent” in Today’s Complex Threat Environment, says new White Paper

In today’s world of dynamic and complex cyber threats, Chief Information Security Officers (CISOs) and Chief Risk Officers (CROs) from commercial and government enterprises are evaluating how to move from a react-and-defend stance to a holistic cyber risk management program that is focused on the ability to predict and prevent. In response to IT and security leaders’ needs for information on how to more effectively maintain data integrity and security, Booz Allen Hamilton (NYSE: BAH) has released the results of a company-sponsored IDC White Paper, “Shifting Risks and IT Complexities Create Demands for New Enterprise Security Strategies” (February 2014).

The study, which captures the results of interviews with information security executives across the financial services, federal government, large supply chain manufacturing, oil and gas and pharmaceutical sciences industries, gives security decision-makers practical, actionable information on the current threat landscape, the changing role of the CISO and CRO, and the consequential need for an end-to-end security and service partner.

“Organizations are learning that cyber security threats create both tangible and intangible impact on their abilities to do business and function,” said Christopher Ling, executive vice president, Booz Allen. “It may be easy to calculate the impact of an attack in terms of staff time, replacement costs, lost productivity, and the cost of compliance and meeting contractual obligations, but it is more difficult to determine the loss of brand, reputation and relationships and to tally liabilities. Damage to intangible assets often does not immediately come to light, but it can have significant long-term impact. IT and cyber leaders understand to varying degrees that all it takes is one incident to create irreparable damage and that a holistic threat management system can go far in keeping their organizations safe from harm.”

The IDC White Paper analyzed the concerns of information security leaders in five industries and provided threat-based implications that CISOs and CROs can act upon.

  • Financial Services – The evolving threat landscape and the rise in the frequency and sophistication of attacks have demanded a holistic response from the financial services industry. Its leaders are well known for making advanced, predictive threat intelligence solutions a priority. Looking ahead, the industry must take advantage of services that better analyze threats on the unstructured and structured components of “big data,” and most institutions will lack the capabilities to perform this work effectively in-house.
  • Federal government – Although agencies are hiring Chief Security Officers, much of the responsibility is still falling to the CIO. Today’s federal IT security managers must address how to deliver security across legacy systems as well as cloud-based and mobile applications, and are searching for security that encompasses the “new” and the “old.” Lurking APTs are prompting many managers to use network monitoring tools, consistency checks and access control management. Agencies remain cautious about exploring security service partnerships, preferring to retain security personnel and risk management in-house, but this raises questions about compliance with internal and government-wide security policies.
  • Oil and gas – The introduction of data-intensive processes, such as the digital oil field, paired with high-profile attacks on energy companies has led many oil and gas companies to make the protection of data and corporate IT assets a top priority. In the very near future, the protection of industrial control systems – the source of many critical oil and gas assets – will become a key area of investment for most oil and gas companies.
  • Supply chain/Manufacturing – The increasingly distributed nature of the manufacturing supply chain is putting it at a greater risk for data security threats. Providers and manufacturers must strike the right balance between a desire for transparency and the need to ensure that this openness does not make them an easy target for cyber attacks. The landscape is changing and automation is on the rise; this brings greater risk to industrial control systems.
  • Pharmaceuticals/Life sciences – Companies are working through a challenging period of industry disruption, battling regulatory changes and the pressure to continue reducing costs. On top of that, companies must now reinforce their commitment to patient privacy by focusing much more attention on preventing the damage APTs can bring. The vulnerabilities created by the widespread adoption of mobile devices are one area of particular concern, and with most life sciences software moving to the cloud, the industry has increased its exposure. As companies spend billions on R&D for new drugs, security surrounding that information is critical because stolen IP can cost a company billions more and affect the company’s future viability. Given these concerns, one key capability is assuring the ability to secure and remotely erase all data on these devices.

As threats continue to evolve and attackers exploit organizations’ weakest links, the IDC White Paper concludes that CISOs and CROs can better manage their organization’s security demands by engaging with a security partner. Through its interviews with security executives, IDC collected input on the skill set a provider should have:

  • An understanding of the business needs by industry
  • A comprehensive security services portfolio that ranges from consulting and implementation to managed security services offerings
  • Threat intelligence that creates actionable data that feeds into a managed service
  • A broad array of security products and partnerships with vendors
  • Solid customer testimonials within the buyer's industry
  • A strong balance sheet and strong growth trajectory

Booz Allen’s Christopher Ling added, “CISOs and CROs across all industries have many challenges ahead. Perhaps one of the most critical is translating cyber risk management in terms that the C-suite will value. This report will help leaders address this issue and others, such as whether it is in their organization’s best interests to either manage all components of cyber risk defense or collaborate with a provider who brings broad expertise.”

At the 2014 RSA Conference, Booz Allen Hamilton’s vice chair, Mike McConnell, and Christopher Ling will speak with CISOs about the challenges they face engaging with the C-suite and moving from a perimeter defense to a holistic cyber program.

About Booz Allen Hamilton

Booz Allen Hamilton is a leading provider of management consulting, technology, and engineering services to the U.S. government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profit organizations. Booz Allen is headquartered in McLean, Virginia, employs approximately 23,000 people, and had revenue of $5.76 billion for the 12 months ended March 31, 2013.



Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.
