Intelligence and insights

In the past year, security strategies and practices have been tested like never before. Security leaders need to accelerate resilience, adapt to changes and make sure the C-suite is fully on board to support and promote their approach. Having the right intelligence at the right time can make all the difference.

Our cyber threat intelligence and incident response teams have investigated numerous cases of suspected cyber espionage and financially motivated targeting. During these investigations, our threat intelligence and incident response analysts have gained first-hand visibility of the tactics, techniques and procedures (TTPs) employed by some of the most sophisticated cyber adversaries.

Our reports bring these insights to you to enhance the work of your own security teams, deliver value on your security technology investments, security processes and overarching business strategy and help your organization to progress along the path to cyber resilience.

Our previous report focused on cyber threat trends in early 2021 and offered expert perspectives on threats to the operational technology landscape. Our latest report examines the second half of 2021 and explores the persistence of ransomware and other vulnerabilities—and how the cyber-resilient enterprise can tackle them.


of intrusions were made up of ransomware and extortion operations in 2021


of malware threats observed were backdoor threats in 2021


increase in ransomware and extortion operations from 2020 to 2021.

"Each and every one of us needs clear visibility into our own vulnerabilities—and keeping pace with evolving cyber threats through better intelligence is the best way to be more prepared."

– JOSHUA RAY, Managing Director – Accenture Security

Trending cyber threats in 2021 include increased ransomware demands, abuse of penetration testing frameworks, commodity malware and Dark Web enablement of newcomer challenges to IT and OT networks.

Cyber threat intelligence provides context-rich threat intelligence and information, so that organizations can enhance their ability to detect and prevent threats before they escalate. A successful threat intelligence program comprises a comprehensive set of threat intelligence data, technical capabilities, people skills, and appropriate processes to deal with threats effectively.

Cyber threat intelligence helps organizations understand current and historical threat activity and threat actor motives and capabilities so that businesses can allocate resources more effectively and establish a more proactive security posture. By staying ahead of vulnerabilities and understanding geopolitical and regional threats, organizations can fortify their security infrastructure and protect business continuity.

Threat intelligence provides current information to support decision making and improve security. Analysts track threat actors and groups to stay abreast of malicious activities. They seek evidence of other malicious activity on the web such as the buying and selling of credentials, malcode and zero-day vulnerability exploits. With this information, they develop intelligence to detect and respond to threats faster. They also spend time evaluating applications to uncover vulnerabilities before threat actors can exploit them.

About the Authors

Joshua Ray

Managing Director – Accenture Security

Howard Marshall

Managing Director – Accenture Security, Global Cyber Threat Intelligence Lead

Robert Boyce

Managing Director – Accenture Security, Cyber Resilience Services Lead

Valentino De Sousa

Senior Principal – Security Innovation

Christopher Foster

Senior Principal – Security Innovation


State of Cybersecurity
Ransomware response and recovery

Subscription Center
Visit our Subscription and Preference Center Visit our Subscription and Preference Center