To help U.S. executives concerned about visibility into the security of their cloud workloads and applications, Deloitte has expanded existing capabilities to launch Cloud Security Management (CSM) by Deloitte. The platform of services and solutions includes cloud security policy orchestration (CSPO), cyber predictive analytics, attack surface management and cyber cloud managed services (CCMS) – all of which can be applied in Google Cloud, Microsoft Azure and other public clouds alone, or in multi-cloud environments.
“We integrated newly acquired capabilities with our existing technologies and leading global security services to help our clients secure and enhance their cloud environments more efficiently and effectively,” said Vikram Kunchala, Deloitte Risk & Financial Advisory Cyber Cloud leader and principal, Deloitte & Touche LLP. “We worked to ensure our platform integrates and operates with the major cloud providers’ security capabilities so that our clients can more easily scale their cloud security programs and apply security throughout the systems development lifecycle – even when non-standard security requirements are involved. Building upon the strength of the CSM by Deloitte platform, we plan to expand it over time as client demands change and the technology landscape evolves.”
Deborah Golden, Deloitte Risk & Financial Advisory Cyber and Strategic Risk leader and principal, Deloitte & Touche LLP said, “While many are eager to accelerate cloud adoption in a secure, resilient and agile manner, that process is not always easy or simple – particularly when digital transformations occur at various stages, multiple cloud environments are involved, and regulatory compliance requires a variety of shared infrastructure situations, inclusive of third-party requirements. Whether organizations want to leverage our advanced technologies or large practice of highly skilled cyber specialists – or both – CSM by Deloitte acts as a potential change agent for organizations that want to operate confidently and securely in the cloud environment even as that threat landscape evolves.”
The CSM by Deloitte platform initially includes:
- A CSPO solution offering continuous, cloud-native, multi-cloud security posture monitoring and policy application. Leveraging a comprehensive set of industry-specific policies provided in the form of policy-as-code, the solution can be customized and managed via GitOps to serve as the “single source of truth” for policy enforcement while also making it easier for DevSecOps teams to include security earlier in product development.
- CCMS include end-to-end cloud security design, 24x7x365 operations support, as well as multiple specialization modules. Clients can apply one, some or all modules to their environments, including identity and access management, infrastructure and network security, detection logging and monitoring, data protection, infrastructure and network security, threat and incident response, endpoint protection as well as DevSecOps, automation and orchestration.
- Cyber predictive analytics that leverage models trained on attack simulations and real-world data to quickly comb through petabytes of data, surfacing threats that might otherwise be missed. Through automated threat hunting and detection, actionable risk metrics are combined and accessible through an interactive, persona-driven suite of dashboards.
- Attack surface management functionality incorporates the results of continuous testing through managed services and intelligent automation into threat detection and response activities. Asset identification, service fingerprinting and vulnerability scanning help users define specific risk areas, identify high priority security and compliance issues and orchestrate remediation efforts.