Cyber resilience: Banks, capital markets hold firm
July 10, 2020
RESEARCH REPORT
In brief
In brief
- With a steady reduction in security breaches, banks and capital markets firms have held firm, per Accenture’s State of Cyber Resilience survey.
- Most firms have room to improve—the top 15 percent of respondents represent a top-notch group boasting highly effective cyber security and resilience.
- Building the right processes and technology lineup is a pivotal step for banks and capital markets firms hoping to become best in class.
Banks and capital markets firms have heeded the call from our previous study. The latest edition of Accenture’s State of Cyber Resilience in Banking and Capital Markets survey reports steady improvement in preventing attacks and in recovering quickly from breaches, with banks and capital markets firms reporting 25 percent fewer breaches.
Only 17 attempted breaches of banking institutions’ security defenses are successful (23 for capital markets), compared to larger numbers for consumer goods (28), healthcare providers (24) and insurance (31). The news is good—but could be better.
For example, while attacks have declined, indirect attacks are a growing concern. As a group, banks and capital markets firms are bouncing back from breaches, but their time to detect a breach and their ability to resolve a breach within 15 days lags behind the top-notch cross-industry leaders in cyber resilience. Investment in cyber security has increased, but firms aren’t sure they can keep up the pace.
Room for banks and capital markets firms to improve
40%
Roughly 40% of breaches now are indirect, such as injection of malicious code to a vendor’s site, downloaded open-source libraries or a vendor’s misconfigured server.
96%
Among leading cross-industry firms, 96% could remediate a breach within 15 days, compared to only 44% for banks and capital markets firms.
65%
Staying ahead of attackers is a constant battle and the cost is unsustainable for 65% of banks and capital markets firms.
Keeping pace with “best in class”
Among bank and capital markets firms, our survey identified two distinct group of respondents showing dramatic differences in their cybersecurity performance. Atop the list, 15 percent of banks and capital markets firms responding to our survey perform significantly better, as seen in our overview. This best in class group is setting the bar for innovation. The second group, 75 percent of firms surveyed, can be considered average performers.
Being top-notch at managing cybersecurity has real advantages. According to our research, the average cost per attack for an average performer is $380,000 per incident. Best in class performers can reduce that cost up to 72 percent. Given an average of 22 incidents per year, this amounts to a $273,000 savings per breach, totaling $6 million annually in potential savings for an average firm.
One key to success for leading firms? Speed. Breaches will happen—but leaders find and stop breaches fast, before significant damage is done. They spot anomalies, trigger an investigation and eradicate the threat. The remaining 75 percent of firms, by contrast, over-spend on defense while under-spending on offense, investing less time building detection-and-response capabilities.
The right tech lineup
Plenty of technical solutions are available to help with cybersecurity—but not all tech is equally effective. Leaders gravitate to three technologies in particular:
Next-Generation Firewall (NGF)
This technology helps banks segment their network, preventing breaches from spreading too far beyond the initially compromised machine.
Security Orchestration Automation & Response (SOAR)
SOAR offers rapid response for routine incidents that, if done manually, can overwhelm security teams (such as malware on a user’s computer).
Privileged Access Management (PAM)
A well-implemented PAM solution uses a ticket-based approach to cut an attack chain at the point where an adversary attempts to escalate privileges.
View All
These technologies, deployed effectively, help explain how best in class banks and capital markets firms are able to move rapidly to shut down a cyberattack.
Can you be best in class?
What does it take for financial firms to move into the class of elite cyber resilience firms, so they can more rapidly detect and shut down an attack—and save potentially millions of dollars? Is it difficult to tackle? Will it cost a lot?
Our experience indicates leading firms do not necessarily spend the most money—they may even spend less money. Their strength lies in efficiency and a balanced approach. They tend to:
- Prioritize speed: Leaders invest on improving operational speed, specifically how quickly they can detect a breach, how quickly they can respond and how quickly they can resume normal operations.
- Scale more: Leaders able to scale their technologies—defined as 50 percent or more tools moving from pilot to full deployment—perform four times better than average.
- Train more: Across the global sample, our survey found top performers in terms of training spot 52 percent of breaches within 24 hours, compared with 32 percent for average performers.
- Collaborate more: Firms that collaborate the best, using more than five methods to bring together a multitude of teams, are twice as successful than others at defending against attacks.
Ready to get started?
The technologies and strategies deployed by top-notch financial firms in cyber resilience are easy to describe. But are they easy to implement? We can work with you to identify the technologies and strategies at your bank or capital markets firm. Read our report to learn how Accenture can help you rise to the top of the class.
Seventy-five percent of firms over-spend on defense while under-spending on offense, investing less time building detection-and-response capabilities.
Subscription Center
Stay in the Know with Our Newsletter
Stay in the Know with Our Newsletter