We recently surveyed 2,000 security executives at large, global enterprises and found that about one in three focused, targeted breach attempts succeeded.
Still, 75 percent of respondents were “confident” they were doing the right things with their security strategies, and a similar number said security is “completely embedded” in their cultures, with support from the highest-level executives.
Clearly, there’s a disconnect.
Surviving in this increasingly risky environment requires a cybersecurity “re-boot” to embrace an end-to-end approach that recognizes a spectrum of threats, minimizes exposure and identifies high-priority assets. This takes a few fundamental steps.
Assess security incident scenarios to better understand those that could materially affect the business and identify drivers of and barriers to remediation and transformation strategies.
STRATEGIC THREAT CONTEXT
By anticipating future threats, gain insight on competitive and geopolitical risks and other areas to align security programs with business strategy.
THE EXTENDED ECOSYSTEM
Be ready to cooperate during crisis management, develop third-party cybersecurity clauses and agreements and focus on regulatory compliance.
GOVERNANCE AND LEADERSHIP
Focus on security accountability, nurture a security-minded culture and create a clear-cut chain of command.
Understand the threat landscape, design key asset protection approaches and use “design for resilience” techniques to limit a cyber attack’s impact.
CYBER RESPONSE READINESS
Have a robust response plan, strong cyber incident communications and the ability to ensure stakeholder involvement across all functions.
Drive financial understanding concerning investments across security domains and the allocation of funding and other resources.
Accenture Security sought to get an inside view into how companies deal with cyber threats.
SURVEYED: 2,000 Security and IT executives, director level and above, at companies with revenues of US$1 billion or more, from 12 industries in 15 countries. Countries and industries as follows: