EMEA Cybersphere CenterCyber Dossier - FY21
Deloitte 2 | EMEA Cybersphere Center 2020 Deloitte 2 | EMEA Cybersphere Center 2020
Deloitte 4 | EMEA Cybersphere Center 2020
06 The era of complexity
12 Aim for the extraordinary 14 Self identity 34 Innovation technology 40 Commitment with clients 50 Deloitte’s own way of doing Cyber
56 Who & where we are
INTERACTIVE PDF
Index
Deloitte 6 |EMEA Cybersphere Center 2020
The digital age has radically changed the way in which we do business and interact with one another. The implementation of new methods and technological solutions poses countless cyber challenges that could compromise the stability of our business, our clients’ privacy, and control over both of these elements.
Deloitte Cyber has moved away from a critical approach to focus instead on risk analysis, prevention, design and implementation of controls, threat detection and, most importantly, on our problem-solving expertise.
We are witnessing a shift to a new era where risk is a constant
The era of complexity The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
The EMEA Cybersphere Center, located in Madrid, is the RDC providing managed security services to the EMEA region. We foster an innovative environment where our experts work and develop the best tools in the market.
EMEA Cybersphere Center
Deloitte’s delivery strategy is built around a worldwide network of Regional Delivery Centers (RDC), operating 24x7, and local Cyber Centers (CC) acting as front offices for our clients.
Deloitte’s strategy
Deloitte 8 | EMEA Cybersphere Center 2020
In the digital age, cyber is everywhere, which means cyber risk now permeates every aspect of how we live and work
Cyber is complex.Cyber is ever-charging.Cyber is everywhere.
Cyber everywhere.Succeed anywhere.
Cyber everywhere Cyber risk isn’t just about IT. It ripples through the product an organization creates, the factories that make them, and the spaces where it conceives them.
Cyber risk isn’t just about data centers. It extends into the cloud, across third-party networks, and through connected devices.
Cyber risk isn’t just about employees.It streches across everyone they interact with, including partners, vendors, customers, even family.
Deloitte Cybersphere The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 10 | EMEA Cybersphere Center 2020
Deloitte 12 | EMEA Cybersphere Center 2020
Aim for the extraordinary Our method
Self identity
Innovation technology
Research, development, and investigation (R&D&i) is the driver for the majority of our services
Development of internal intelligence platforms
Labs OT/IoT in constant evolution
State-of-the-art operations center
Teams divided by services and specialties
New work methods
Spaces with a unique design
Our work method is aimed at achieving operational excellence and is based on four pillars:
End-to-end cybersecurity services
24/7 managed alert monitoring services
Pool of 700+ ECC expert professionals
Collaborations with first-class technological partners
Commitment with clients
Deloitte’s own way of doing Cyber
Customized training sessions and workshops
Organization of events and training sessions to boost the industry and professional knowledge
Women in Cyber
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 14 | EMEA Cybersphere Center 2020
Aim for the extraordinary Self identity
D-Dome LabsCyberacademy
Auditorium
War Room
Watch Floors Canteen
The center boasts areas that allow us to interact with our clients and enjoy a more personal relationship with them, which helps us to better understand their challenges and create solutions to combat new threats.
+250 Strategy and
Consulting teams
+500 Cyber Operations
professionals
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
3,940 ECC sqm
16 | EMEA Cybersphere Center 2020
Cyber and cult: visit D-Dome
We have created an environment in which companies can feel cyber safe. It is a neutral territory in which we identify problems and find solutions by bringing together the various departments and teams involved.
A state-of-the-art space for the exclusive use of our clients, whose priorities we assume as our own.
Aim for the extraordinary Self identity
Dome
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 18 | EMEA Cybersphere Center 2020 Deloitte 18 | EMEA Cybersphere Center 2020
Deloitte 20 | EMEA Cybersphere Center 2020
Where we come together: Auditorium
Training sessions, industry days, team meetings, report presentations, and steering committee meetings are just some of the options for which the Auditorium is the ideal venue.
Discover the power of brainstorming, and sharing of ideas, opinions, expertise, and know-how in a collaborative space equipped with cutting-edge technology.
Aim for the extraordinary Self identity
Auditorium
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 22 | EMEA Cybersphere Center 2020 Deloitte 22 | EMEA Cybersphere Center 2020
Deloitte 24 | EMEA Cybersphere Center 2020
Aim for the extraordinary Self identity
Knowledge sharing space: Cyber Academy
Deloitte’s global cyber training hub is ideal for workshops, training sessions, and activities to boost cybersecurity awareness.
Two rooms to stimulate learning, creativity, and dynamism, with the possibility to turn it into a large single space if required.
Cyberacademy
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 26 | EMEA Cybersphere Center 2020 Deloitte 26 | EMEA Cybersphere Center 2020
Deloitte 28 | EMEA Cybersphere Center 2020
Level 1 live monitoring: Watch Floors
The real-time monitoring of attacks is the foundation of cyber practices.
Our Watch Floors are dedicated to monitoring tasks and make it possible for alerts to be managed minute by minute, from their generation right through to their tracking, assessment, and assignment to the relevant team.
With the help of cutting-edge tools, our videowalls help Level 1 teams to centralize information and respond to possible incidents better, allowing our security experts to stay ahead of cyber criminals.
Aim for the extraordinary Self identity
Watchfloors
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 30 | EMEA Cybersphere Center 2020
Making it real: War Room
A few meters away from the laboratories, an environment has been created in which cyber war becomes real.
The War Room has been designed to carry out attack simulations against client defense teams. These simulations are monitored by our technical teams to extract intel about vulnerabilities and optimize defenses.
Aim for the extraordinary Self identity
War Room
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 32 | EMEA Cybersphere Center 2020
Meet me at the meeting point: Canteen
The Canteen serves a meeting point for our professionals and can be used as a workspace as it is equipped with projection tools and surround sound. It is also ideal to use it as a chill out area for informal sessions or to simply catch up on the latest events.
Aim for the extraordinary Self identity
Canteen
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 34 | EMEA Cybersphere Center 2020
Aim for the extraordinary Innovation technology
Innovation as a solution for the current and future cybersecurity landscape
Adaptability, scalability, and resilience will achieve future success for organizations.
We are integrating our capabilities across Deloitte to infuse cyber at the point of innovation in Cloud, SAP and digital transformation efforts to help our clients build smarter, faster, more connected futures.
The market for managed services is evolving to solve challenges clients face in an increasingly complex threat and management environment.
We will extend and expand capabilities to deliver managed services accross the ecosystem.
Constant evolution Premium expertise
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 36 | EMEA Cybersphere Center 2020
We innovate at the bleeding edge of our clients, industries, ecosystems and capabilities to anticipate and prepare for the cyber solutions of the future. As a result, we count with an area specifically designed for meeting with clients and connected to labs to perform demos and dynamic activities.
• Co-design use cases together with strategic clients• Evaluation of technologies, architectures and methodologies
throughout use case design• Alliances with clients and vendors for the analysis,
improvement, and training on OT/IoT security technologies
Aim for the extraordinary Innovation technology
Labs
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
As organizations continue to face evolving cyber challenges, we continue to explore, invest and innovate
Deloitte 38 | EMEA Cybersphere Center 2020
• Lighting management
• Ventilation
• Heating system
• Press conferences/interviews
• Wired and wireless communications
• IoT: spiders and drones
Optimized smart event loudspeaker, recording, editing, and broadcasting/streaming services, including pre- and post-event services
Energy management
Sound and image
Aim for the extraordinary Innovation technology
In terms of security, our scale model makes it possible to create use cases by connecting our intelligence services with online user patterns. This is how early alerts are identified and generated, with the aim of preventing cyber attacks.
• Refrigeration
• Water treatment
• Devices that rely on facial recognition, movement, and processing sensors, etc.
• Devices that use radiofrequency signals and non-standard, vulnerable protocols
• Access control
• CCTV
• Facial recognition
• Connection with police databases
Physical security
• Wireless Internet access
• Payment methods•
• E-commerce
There is a growing number of similar facilities that offer connectivity services to their users (especially spectators).
Provision of capabilities not covered by the previous categories that focus on the management of:
Smart services
Space management
• Match replay
• Information about sports events
• Offices
• Press rooms
• Lockers
• Parking lots
• Elevators
• Restricted areas
• Lawn maintenance
• Vandalism
• Detection of fire, smoke, and other elements related to both internal and perimeter physical security
• Water recycling
• Water management
Smart Stadium Lab
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 40 | EMEA Cybersphere Center 2020
We understand the concept of risk, which is why we share our clients’ own concerns. Deloitte’s service aims to reduce the level of exposure of our clients’ most important assets to cyber attacks.
Aim for the extraordinary Commitment with clients
Full protection requires a cybersecurity strategy, development, and implementation plan that ensures these three key tasks are performed:360º
We assist in enhancing decision-
making skills
We support the implementation of
contingency plans, returning technical operations to their
natural state after a cyber attack
We collaborate with organizations to build a
secure cyber environment
Respond Recover Thrive
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 42 | EMEA Cybersphere Center 2020
Aim for the extraordinary Commitment with clients ADVICE
IMPLEMENT
OPERATE
TRAINING & AWARENESS
APPLICATION SECURITY
CLOUD DATA, PROTECTION &
PRIVACY
DETECT & RESPOND
EMERGING TECH (IoT/ OT)
IDENTITY INFRASTRUCTURE SAP
Training & Awareness service integrates first-hand knowledge and experience with the creativity and culture transformation capabilities needed to evolve your workforce’s befaviour.
Deloitte software security specialists assit organizations to thoroughly implement and/or manage their application security program.
Deloitte accompanies its clients during the digitalization and innovation process, incorporating cybersecurity into their Cloud infrastructure, whether public, private, or hybrid.
Deloitte offers leading technical expertise related to data protection to help its clients to streamline decision-making processes when it comes to the use of data.
Through this service, Deloitte helps organizations with their cyber capabilities and solutions focused on cyber defense and incident response programs and operations.
Deloitte boasts cutting-edge cyber capabilities and solutions, with a special focus on next generation technologies including IoT and ICS.
The scope of this market offering includes the development, transformation and resilience of secure network architecture through various mechanisms, including network segmentation.
Our SAP Cyber practice is focused on providing holistic risk based solutions in the SAP landscape, which involves securing in the SAP environment against potential external threats.
The identity team helps its clients to add an additional layer of security and control to the current identities, both internal and external, and to increase their privileged and non-privileged access security.
Our capabilities
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 44 | EMEA Cybersphere Center 2020
Aim for the extraordinary Commitment with clients
TRAINING & AWARENESS
APPLICATION SECURITY
CLOUD DATA, PROTECTION &
PRIVACY
DETECT & RESPOND
EMERGING TECH (IoT/ OT)
IDENTITY INFRASTRUCTURE SAP
• Application
implementation
• Application Managed
Security
• Technical Training
• Online Training
• Awareness
• Awareness
initiatives &
campaigns
• Phising-as-a-Service
• Cloud Security
Implementation
• Cyber Cloud Protection
• Data Advisory
• Data Classification
• mCASB
• mDLP
• mIRM & Data Encryption
• Identify
• Protect
• Detect & Respond
• Recover
• Lab Innovation services
• Identity Implementation
• Managed Identity
Operations
• Infr. Implementation
• Managed Security
Technologies
• Health check monitoring
• FW Assurance
• Cloud Infrastructure
protection
• On-premise
infrastructure protection
• SAP Application Security
and code review
• Data Protection &
Encription
• Integration with
corporate IAM/ PAM
• Threat Monitoring and
Analytics
• Penetration testing
• Threat Intelligence
Threat Intelligence
Attack Surface Management
Threat Management & Response
War Gaming
Threat Hunting
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 46 | EMEA Cybersphere Center 2020
Aim for the extraordinary Commitment with clients
Sao Paulo
Santiago de Chile
Mexico DF
CalgaryMontreal
Vancouver
Buenos Aires
Washington
24x7Incident
Response
Madrid
London
ParisRome
Johannesburg
Lagos
Brussels
Frankfurt
Budapest
Morocco Tel Aviv
Dubai
Manila
Hong Kong
Sydney
Nagoya
Kuala Lumpur
Singapore
+700Cyber Spain professionals, of which +350 work for the ECC
13%turnover of Cyber professionals
3Gobal Delivery Centers in the world
+30Cyber Centers globally
+7.000Cyber professionals working internationally
28different nationalities of employees working at the ECC
+20Khours of courses delivered by the Cyber Academy in FY20
90%renewal rate after 3 years of services
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Barcelona
Copenhaguen
The Hague
Hyderabad
Gurgaon
San José
Lima
New Delhi
Bangalore
Toronto
Athens
Deloitte 48 | EMEA Cybersphere Center 2020
Aim for the extraordinary Commitment with clients
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Our leadership is supported by international references
FIRST
ISO27001 Information Security
Ongoing FY21
FY22
LEET Security CMMICERT
CERTIFICATIONSCurrent
certifications
Global leader in information Security Consulting in line with the existing strategy capabilities
Forrester, 2019
Global leader in Cyber Incident Response
Forrester, 2019
Global leader of Managed Security Servicebased on the existing strategy and capabilities
IDC, 2017
Deloitte ranked 1st for the ninth consecutive year in Securiy Consulting in Gartner’s Magic Quadrant
Gartner, 2019
Global leader in Cybersecurity Consulting
ALM Intelligence, 2015-2018
Gartner assessed the capabilities of our ECC and highlighted its leadership role as a Cybersecurity Incident Managed Detection and Response Center
Gartner, 2018
ACCOLADES
ISO22301Business Continuity
ISAE 3402 SOC 2
ISAE 3402 SOC 2
Information Security Consulting
Cybersecurity Consulting
Managed Security Services
Detection and Response
Security Consulting
Cyber Incident Response
Deloitte 50 | EMEA Cybersphere Center 2020
Cybersecurity has become one of the most important and fastest growing areas in field of technology worldwide.
We base our practice on managing the impact we have on clients, employees, stakeholders and communities. As a result, social initiatives are born that represent our sense of responsibility.
Aim for the extraordinary Deloitte’s own way of doing cyber
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 52 | EMEA Cybersphere Center 2020
Create a culture in which initiatives such as WiC are no longer necessary.
Enhance diversity and the success of profiles from different backgrounds in Deloitte Cyber.
Increase the number of women that consider and start a career in security, provide the support required for women to be able to attain leadership roles and create a strong internal and external network of female talent.
Vision Mission Objetive
As we are fully committed to diversity and aware of the importance of ensuring gender balance in the sector, Deloitte Cyber has launched the Women in Cyber (WiC) initiative.
Women in Cyber
Aim for the extraordinary Deloitte’s own way of doing Cyber
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 54 | EMEA Cybersphere Center 2020 Deloitte 54 | EMEA Cybersphere Center 2020
Deloitte 56 | EMEA Cybersphere Center 2020
Our Partners
Who & where we are Contact us
Alfonso MurRisk Advisory Managing [email protected]+34 629128644
César Martín LaraCyber Risk Advisory Managing Partner - [email protected]+34 699912931
Nicola EspositoCyber Risk Advisory [email protected]+34 6390325860
Juan A. SantosCyber Risk Advisory [email protected]+34 6591498281
Edward J. MooreCyber Risk Advisory [email protected]+34 686003244
Isaac NúñezCyber Risk Advisory [email protected]+34 667640019
The era of complexity
Aim for the extraordinary
Self identity
Innovation technology
Commitment with clients
Deloitte’s own way of doing Cyber
Who & where we are
Deloitte 58 | EMEA Cybersphere Center 2020
AddressEMEA Cybersphere CenterTorre ChamartínDulce Chacón, 55 – South Tower28050 MadridSpain
Deloitte refers to Deloitte Touche Tohmatsu Limited (“DTTL”) and its global network of member firms and their related entities, either to one or several of them. DTTL (also called “Deloitte Global”) and each of its member firms are legally separate and independent entities. DTTL does not provide services to customers. For more information, see www.deloitte.com/about.
Deloitte provides audit, consulting, legal, financial advisory, risk management, tax, and related services to public and private clients spanning multiple industries. With a globally connected network of member firms in more than 150 countries and territories, Deloitte brings world-class capabilities and high-quality service to clients, delivering the insights they need to address their most complex business challenges. Deloitte’s more than 312,000 professionals are committed to making an impact that matters.
This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte Network”) is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on this communication.
© 2020 Deloitte Advisory SL
Designed by the Marketing & Brand department, Madrid.