Cyber everywhere. Innovate anywhere.
Cyber should be about starting things—not stopping them. It’s why we’re using cyber to create the freedom you need to generate everything from human insights to secure products and their ecosystems. And it's why we're by your side helping you navigate cyber in the Internet of Things (IoT).
Explore a hyperconnected world:
Connected vehicles
Are you ready to set the pace?
Industrial Internet of Things
Is everything protected?
Connected medical devices
Are outcomes keeping pace (safely?)
Connected products
Is trust keeping up with innovation?
Smart cities
Are you ready to embrace the future securely?
Trusted by the world’s leaders. Chosen by the world’s innovators.
We manage cyber everywhere so you can innovate anywhere. From the visionaries reimagining businesses and the disruptors changing industries to the pioneers creating new markets, Deloitte is helping organizations solve their complex problems. So you can build a confident future—one idea, innovation, and breakthrough at a time.
A global leader in Internet of Things services
#1 by Gartner in market share for Security Consulting Services
A leader in Cybersecurity Incident Response Services
The Forrester Wave
TM
Gartner
Let us show you how to innovate anywhere
Home
Connected vehicles are here. Are you ready to set the pace?
Vehicles are no longer just four wheels and an engine. Today, they’re complex hyperconnected software and hardware platforms with the potential to do everything from improving performance to saving a life.
But with these benefits comes risk. Just think about data exposure from GPS, smart devices, and other automotive IoT systems, such as Controller Area Networks (CAN Bus). Now think about the potential harm that could be caused if access to these devices falls into the wrong hands. In addition to safety systems becoming vulnerable, an owner’s confidential information could be exposed—and both can be used to hold drivers for ransom.
That’s why, as the vehicle ecosystem evolves, your organization needs an industry leader that can provide you with the peace of mind to go anywhere, safely.
IF COMPROMISED:
DRIVERS HELD FOR RANSOM
SAFETY CONCERNS
Why now
Automotive manufacturers, suppliers, and regulators are becoming aware of the potential disruption caused by a connected vehicle ecosystem.
And while the NHTSA has issued two sets of cybersecurity leading practices and global standards evolve, guidance can only go so far. Implementing security by design — requirements, risk assessments, security testing, and secure procurement—can help create a connected and road-ready vehicle.
Securing the future of mobility
Making the new mobility ecosystem secure and resilient means tackling an expanding range of cybersecurity issues.
Read more
How we can help
Who we are
From international OEMs to suppliers and contractors, Deloitte’s Connected Vehicle services can help companies throughout the automotive ecosystem. We can help you recognize—and mitigate—the risks in a connected vehicle environment.
Find out more
Drawing from broad experience working with national and international OEMs and tier-one suppliers, our connected vehicle professionals can provide a new perspective on your automotive cyber architecture, security program, and strategy.
Let’s talk
Leon Nash principal
Tom McGinnis partner
Joe Kwederis principal
Sean Peasley partner
OWNER INFO HACKED
And while the NHTSA has issued two sets of cybersecurity leading practices and global standards evolve, guidance can only go so far. Implementing security by design—requirements, risk assessments, security testing, and secure procurement—can help create a connected and road-ready vehicle.
As cyberattacks against IIoT accelerate in both frequency and impact, regulations are becoming increasingly focused on IIoT security. This confluence of risk and regulation calls for a dedicated industrial technology lifecycle: from design, supply-chain logistics, and manufacturing to procurement, implementation, and end-of-life.
What’s more, the growing complexities across security by design, secure acquisition lifecycles, over-the-air updates, real-time monitoring, and incident response demand a new way of thinking to respond to the proliferation of IIoT.
IIoT is here.
Explore how can you secure the supply chain, detect risks, and build a workable IT/OT program.
Ramsey Hajj senior manager
Isolate top risks, align investments, and develop executive-led IIoT cyber risk programs that adapt to changes in business strategies and threats
•
Find, manage, and mitigate security risks in their IIoT, ICS, and OT systems
Design, build, and manage resilient IIoT environments
COMPLEX ECOSYSTEMS
HUMAN-MACHINE INTERFACES
CONNECTED DEVICES
REMOTE ACCESS MECHANISMS
SENSORS
Spanning your governance, acquisition, and maintenance requirements, Deloitte’s IIoT services can help organizations and their stakeholders:
We work with each client to align their cyber investments with strategic business priorities, improve threat awareness and visibility, and strengthen their ability to thrive in the face of cyber incidents.
With broad experience across clients, industries, products, and systems, our team can help identify issues, pinpoint areas of greatest threat, and provide aggregated cross-industry insights and leading practices to help you secure your IIoT.
CYBER ADVERSARY ACCESS POINTS
In an IIoT world, everything is connected. But is everything protected?
The Industrial Internet of Things (IIoT)—smart devices and platforms connected to machines, devices, and sensors—can increase operational efficiencies across industries and verticals. What’s more, increased connectivity and monitoring of Industrial Controls Systems (ICS) and other Operational Technology (OT) can give users the ability to manage these systems from anywhere.
Problem is, cyber adversaries recognize this as well. They see the value of the accessible data and assets as much as—if not more than—their victims do. It’s why they’re increasingly motivated to steal data or disrupt operations for their own advantage.
Which is why your organization needs an industry leader to provide you with insights to safely manage data, systems, and operations anywhere they’re needed—or exposed.
Health care delivery organizations, manufacturers, and regulators are recognizing the burgeoning risks of connected medical devices. The US Food and Drug Administration (FDA) has issued pre and postmarket guidance to address medical device manufacturers’ cybersecurity issues for pipeline and fielded devices.
And while guidelines help, what you really need is a roadmap to design (or acquire) secure products and then manage them in the field. All of which can achieve the dual goals of improving outcomes and protecting patients.
Russell L. Jones partner
ALTER TREATMENT PLANS
EXPLOIT PROVIDERS
MANIPULATE DATA / DEVICES
HARM PATIENTS
HOLD INFO FOR RANSOM
As the dynamic landscape of technology-powered medical innovations changes from one day to the next, we can help you understand industry shifts while strengthening your ability to manage the threats, no matter where you are in the value chain.
Veronica Lim partner
Improving outcomes for patients, manufacturers, and health providers:
Dig deeper into medical device safety and cybersecurity and how IoT is transforming medtech.
From product development lifecycles to product monitoring, our services span your governance, design and development, and deployment requirements.
With experience across 20 industry sectors, Deloitte Cyber helps your organization identify issues, pinpoint areas of greatest threat, and aggregate cross-industry insights and leading practices to help you secure your connected products and devices.
Veronica Lim principal
1
2
CYBER ADVERSARIES
Connected medical devices are multiplying. Are outcomes keeping pace (safely?)
As connected medical devices—and the data they transmit—enhance the potential to save lives, they also introduce safety, security, and privacy risks.
Consider the scenario of an adversary gaining access to a patient device: They can now manipulate connected devices to cause harm. And they could manipulate data, exploit providers, hold information for ransom, or alter treatment plans.
To deliver on the promise of improved outcomes—while securing medical devices—your organization needs an industry leader to help you innovate anywhere, safely.
Sources
US Department of Health and Human Services FDA draft guidance, 2018.
US Department of Health and Human Services FDA draft guidance, 2016.
The industry has recognized the burgeoning risks of connected products. The US Senate proposed guidelines and California has instituted laws requiring devices to be equipped with “reasonable” security and privacy features and to adhere to privacy requirements when collecting and using residents’ personal information.
And while guidelines help, what you really need is a roadmap to design (or acquire) secure products and then manage them. All of which can achieve the dual goals of improving experiences and protecting products.
PIVOT WITHIN NETWORKS
ALTER PRODUCT FUNCTION
MANIPULATE PRODUCTS
HOLD FOR RANSOM
Internet of Things (IoT) Cybersecurity Improvement Act of 2017, Congress.gov.
3
SB-327 Information privacy: connected devices. California Legislative Information, 2018.
4
AB-375 Privacy: personal information: businesses. California Legislative Information, 2018.
5
Managing risk in an age of connected products.
From product manufacturers to suppliers, third-party and software providers to digital platform companies, the connected products ecosystem is vast.
As the dynamic landscape of technology-powered innovations changes from one day to the next, we can help you understand industry shifts while strengthening your ability to manage the threats, no matter where you are in the value chain.
Products are connecting everything. Is trust keeping up with innovation?
As connected products—and the data they transmit— enhance the potential to improve the user experience and increase productivity, they also introduce security, privacy, and safety risks.
Consider the scenario of an adversary gaining access to consumers or an organization’s products: they can now manipulate data, pivot within networks, hold information for ransom, alter product functionality, or even manipulate connected products to cause damage.
To deliver on the promise of improved experiences—while securing products—your organization needs an industry leader to help you innovate anywhere, safely.
As cities and connected communities gain new efficiencies with modern technologies, it’s more important than ever to monitor for cyber incidents and produce design approaches to architecture that enforce a secure smart city ecosystem.
ACTUATORS
IOT DEVICES
Tim Li managing director
Making Smart Cities cybersecure.
Improving citizens’ lives and increasing efficiencies with smart cities.
Piyush Pandey managing director
BLURRING PHYSICAL AND DIGITAL WORLDS
Our Smart City and Connected Community Security services offer risk-intelligent strategies to help cities develop an integrated approach to managing cyber risk with cybersecurity principles baked into stages of the development process, from strategy and design to implementation and operations.
Deloitte Cyber includes thousands of dedicated cyber professionals, across 20 industry sectors. We help our clients thrive in the face of cyber incidents by helping them better align cybersecurity investments with strategic business priorities, improve threat awareness, and enhance their visibility.
Timothy Li managing director
INTEROPERABILITY AND INTEGRATION
Smart cities are here. Are you ready to embrace the future securely?
Integrating infrastructure and processes with technologies such as big data, IoT, cloud computing, robotics, and artificial intelligence has sparked transformative change in how cities and connected communities operate. And yet, as smart cities increase convenience and connectivity of urban life, so do the risks.
If compromised, connectivity across “things”—sensors, applications, and products—could rapidly affect safety and health, reduce quality of life, and derail economic efficiency.
In a converging physical and digital world, relying on perimeter cyber defense is not enough. City and community leadership, therefore, should embrace a broader future-minded approach to grow anywhere, safely.
