Deloitte opens first African Cyber Intelligence Centre
South Africa has become the first country in Africa to host a Deloitte Cyber Intelligence Centre (CIC), which opened in Johannesburg on Wednesday.
The firm's global network of CICs aims to converge cyber-security analytics from monitoring individual businesses with industry insight, to provide companies with 24/7 real-time threat monitoring and cyber-security services.
The CIC network will total 22 individual centres in locations around the world by the end of 2016, said Derek Schraader, risk advisory Africa leader for cyber risk services at Deloitte. He explained that the international nature of cyber threats underlines the importance of working through a global network to address them.
The CIC draws information from over 300 threat intelligence feeds, said Henry Peens, associate director at Deloitte. While these include information from the dark Web, useful security information can come from sources as mundane as Twitter, as hacktivist groups often use the social network to boast about their achievements and future plans or specific targets, he noted.
Yet "serious" attacks are more often much stealthier and completely unpublicised, said Cathy Gibson, Africa leader for cyber risk and resilience at Deloitte. For this reason, it is important to monitor companies' unique activity footprints for abnormal spikes in certain functions as well, she explained.
Customers of Deloitte's CICs install specific hardware and software at their own sites, where their data is analysed and only their threat information is sent through to the CIC sites for the sake of reducing data vulnerability, said Schraader.
The pricing of CIC services roughly correlates to the client company's size, in that it is dependent on the number of devices the business uses and the volumes of data it generates, Schraader added.
When asked whether Deloitte planned to contribute its knowledge to the improvement of the global cyber-security sphere, Schraader said the company planned to tie into other cyber-security communities and make some of its information available to other organisations, noting that cyber security is the one field in which businesses are willing to share information with one another.
"An attack on one is an attack on all of us," Schraader said, noting by means of example that a cyber attack on one South African bank can damage the reputation of SA's entire banking industry.