Closing the gap on cyber attacks
In February 2018, Accenture conducted a global survey on cyber resiliency with 4,669 executives from companies with annual revenues of $1 billion or more, including 221 respondents from Software and Platforms companies.
The cyber-resilient business brings together the capabilities of cybersecurity, business continuity and enterprise resilience. It applies fluid security strategies to respond quickly to threats, so it can minimize the damage and continue to operate under attack. As a result, the cyber-resilient business can introduce innovative offerings and business models securely, strengthen customer trust, and grow with confidence.
Cyber attacks take many forms and have different degrees of impact. The average organization is subjected to a daily deluge of hundreds—if not thousands—of speculative attacks, which are handled by mature security technologies, such as firewalls. For the purposes of this Accenture research, we investigated targeted cyber attacks which have the potential to both penetrate network defenses and cause damage to or extract high-value assets and processes from within the organization.
Software and platforms companies doing well with some room left for improvement
An attack needs to be successful only once, whereas organizations’ cyber resilience needs to be effective every time. The ability to detect an attack has significantly improved over the last year. Despite the increased pressure from targeted cybersecurity attacks more than doubling (232 on average in 2018 vs. 106 in 2017), organizations are demonstrating far more success in heading them off, with only one in eight (or around 13 percent) of focused attacks getting through in 2018. This is much better than the one in three (or around 30 percent) that caused disruption to organizations just over a year ago.
At the same time, the number of successful attacks stagnating globally at ~30 means that, on average, organizations are facing 2-3 security breaches per month. This raises concerns, so there is more work to be done. In comparison, Software and Platforms companies faced on average 251 attacks in 2018, of which 33 (or around 13 percent) were successful, showing further room for improvement.
Five ways to become cyber resilient
- Build on a strong foundation: harden and protect your core assets.
It is important to identify your company's high-value assets and then strengthen their security, as Software and Platforms companies today do not protect on average a quarter of their organization with their cybersecurity program. Make sure to prepare for the worst and test those scenarios.
- Pressure test your resilience: use coached incident simulation.
As the red team / blue team model—where a red team is tasked with infiltrating your security system and a blue team is tasked with detecting it—has its limitations, we advise using a coached incident simulation, often referred to as purple teaming, which also uses threat intelligence and advanced adversary simulation techniques as well as coaching.
- Employ breakthrough technologies: automate defences.
Use AI, big data analytics and machine learning to enable security teams to react and respond in nano- or milliseconds, not minutes, hours or days. Furthermore, implement multi-factor authentication, user behavior monitoring, AI-driven access provisioning and deprovisioning.
- Use intelligence and data to be proactive: hunt threats.
Use a data-driven approach and advanced threat intelligence to better anticipate potential attacks and develop a more proactive security posture for your business.
- Evolve the role of the CISO.
The next-generation CISO should be business adept and tech-savvy, someone who is equally at home in the boardroom and in the security operations center.
S&P companies are ahead on cybersecurity despite facing more threats—third party partners may pose significant risk.
S&P firms outperformed
About the research
In 2017, Accenture Security surveyed 2,000 executives to understand the extent to which organizations prioritize security, how comprehensive their security plans are, what security capabilities they have, and their level of spend on security.
Just over a year later, Accenture Security undertook a similar survey, this time interviewing 4,600 executives—representing organizations with annual revenues of $1bn or more—from 19 industries and 15 countries across North and South America, Europe and Asia Pacific.
More than 98 percent of respondents were sole or key decision-makers in cybersecurity strategy and spending for their organization.