Unlocking the Potential of Security Operations Centres: Five Areas for Improvement
Simply by reading the news, it’s clear that material cyber incidents have become a regular occurrence across critical organisations in the Asia Pacific region.
Many of these cyber-attacks are not detected until weeks or months after an initial infiltration. This often leads to a greater impact on stakeholders, all while the organisation is trying to manage an incident as it plays out in the public realm.
Cyber budgets continue to track upwards in the hope that more money equates to a better security posture. Organisations often spend the greatest portion on a 24x7 detection & response capability or service provider, expecting that early detection and response can reduce impact. As a result, fundamental questions are emerging for boards, regulators, and management teams about why attacks aren’t being detected and how effective the controls and investment in this domain are.
Deloitte’s extensive experience in cyber incident response and post-incident investigations has provided visibility into a wide range of incidents: how and why they occur, and the lessons learnt. This guide delves into the common root causes we’ve seen for why organisations miss cyber-attacks until they become visible very late in the day, and provides a list of targeted questions that directors or regulators can ask management on this topic.