The IIA, Crowe Horwath Examine Security Intelligence Centers

Cybersecurity remains a top business priority as cyber incidents and data breaches carry the threat of significant operational and reputational damage for all organizations. A new report from the Internal Audit Foundation (IAF) and Chicago-based Crowe Horwath (FY16 net revenue of $745.2 million) offers a look at the next step in the evolution of cybersecurity strategy by examining the growing use of security operation centers and security intelligence centers.

Next Steps: Beyond Response to Anticipation is based in part on a survey of chief audit executives conducted by The Institute of Internal Auditors’ (IIA) Audit Executive Center and Crowe. The survey found that more than a third of respondents are turning to security operation centers, formal and informal, as part of their cybersecurity strategies.

“It is logical and encouraging that models to address the pervasive and potentially devastating threat of cyberattacks are evolving,” says IIA President and CEO Richard F. Chambers. “The creation of formal security operation centers allows for holistic, proactive approaches to cybersecurity in which all parts of the organization, including the internal audit function, can support the battle against data breaches.”

To conduct the survey, Crowe personnel interviewed information security executives from organizations across the globe. The interviews confirmed a growing number of organizations recognize that “100 percent protection 100 percent of the time” is not achievable. It is then that an organization’s cybersecurity strategies can “shift from a defensive posture to a more offensive and proactive one that focuses on learning about how certain threats operate, how their effects can be limited or mitigated, and how the incident response time (from identification to remediation) can be accelerated,” according to the report.

The report identifies the common terminology, frameworks, metrics and tools used in the security operation centers and examines how these can evolve further into security intelligence centers.

“There is room for internal audit to get more engaged in the evaluation of security operations,” said Raj Chaudhary, Crowe Risk Consulting principal. “Over time, advanced analytics capabilities will allow companies to become more proactive in preventing events that could negatively impact business operations.”

The report is available through the Internal Audit Foundation.