Deloitte Launches Expanded Cloud Security Management Platform


The platform includes cloud security policy orchestration, cyber predictive analytics, attack surface management and cyber cloud managed services

Deloitte has expanded existing capabilities to launch Cloud Security Management (CSM) by Deloitte. The platform of services and solutions includes cloud security policy orchestration (CSPO), cyber predictive analytics, attack surface management and cyber cloud managed services (CCMS) – all of which can be applied in Google Cloud, Microsoft Azure and other public clouds alone, or in multi-cloud environments.

The CSM by Deloitte platform initially includes:

  • A CSPO solution offering continuous, cloud-native, multi-cloud security posture monitoring and policy application. Leveraging a comprehensive set of industry-specific policies provided in the form of policy-as-code, the solution can be customised and managed via GitOps to serve as the “single source of truth” for policy enforcement while also making it easier for DevSecOps teams to include security earlier in product development.
  • CCMS includes end-to-end cloud security design, 24x7x365 operations support, and multiple specialisation modules. Clients can apply one, some or all modules to their environments, including identity and access management, infrastructure and network security, detection logging and monitoring, data protection, infrastructure and network security, threat and incident response, endpoint protection as well as DevSecOps, automation and orchestration.
  • Cyber predictive analytics that leverage models trained on attack simulations and real-world data to quickly comb through petabytes of data, surfacing threats that might otherwise be missed.  Through automated threat hunting and detection, actionable risk metrics are combined and accessible through an interactive, persona-driven suite of dashboards.
  • Attack surface management functionality incorporates the results of continuous testing through managed services and intelligent automation into threat detection and response activities. Asset identification, service fingerprinting and vulnerability scanning help users define specific risk areas, identify high priority security and compliance issues and orchestrate remediation efforts.

“We integrated newly acquired capabilities with our existing technologies and leading global security services to help our clients secure and enhance their cloud environments more efficiently and effectively. We worked to ensure our platform integrates and operates with the major cloud providers’ security capabilities so that our clients can more easily scale their cloud security programs and apply security throughout the systems development lifecycle – even when non-standard security requirements are involved. Building upon the strength of the CSM by Deloitte platform, we plan to expand it over time as client demands change and the technology landscape evolves,”  said Vikram Kunchala, Deloitte Risk & Financial Advisory Cyber Cloud Leader and Principal, Deloitte & Touche.