Where are we now?
Cyber attacks are commonplace. They can have a massive impact on organisations, as well as their customers, partners, employees and the bottom line. Many organisations are finding it hard to reconcile the level of their cybersecurity innovation investments with the cyber resilience outcomes for their business. Even worse, choosing the wrong strategy to invest in cybersecurity technologies can cost the organisation far more than wasted cash; it can damage an organisation’s brand, reputation, and future prosperity.
Why leaders are more cyber resilient
Cyber resilience is the ability to defend against attacks while continuing to do "business as usual" successfully. Our statistical analysis revealed a group of leaders who were characterised as among the highest performers in at least three of the following four categories: stop more attacks, find breaches faster, fix breaches faster and reduce breach impact.
Our research found that leaders behave differently in three core ways.
#1. Invest for operational speed
Leaders prioritise moving fast. The top three measures of cybersecurity success for leaders emphasise speed. Leaders prize how quickly they can detect a security breach, how quickly they can mobilise their response and how quickly they can get operations back to normal. Leaders also measure the success of their resilience—how many systems were stopped and for how long—and precision—improving the accuracy of finding cyber incidents.
Leaders choose turbo-charging technologies. Leaders use the technologies that help them achieve their main measures of cybersecurity success—speed of detection, recovery and response—ranking Artificial Intelligence (AI) and Security Orchestration Automation and Response (SOAR) technologies highest. They use advanced technologies to achieve other measures of cybersecurity success—like fewer successful attacks (where Next-Generation Firewall ranks highest), reduced breach impact (where AI ranks highest) and cost reduction (where SOAR ranks highest).
#2. Drive value from new investments
Leaders scale more. Organisations best at scaling security technology investments are 4X better than the rest at discovering and defending attacks and protecting more key assets in their organisations.
Leaders train more. Organisations best at training are 2X better than the rest at defending attacks, faster at discovering and fixing breaches and protect more of their organisation with their cybersecurity programme. Performance varies significantly on these metrics, with 53% of UK organisations fixing breaches in 15 days or faster, compared to 96% of global leaders. For UK organisations, speed is a challenge, but an essential part of managing the threat.
Leaders collaborate more. Organisations best at collaborating are 2X better than the rest at defending attacks, better protect their ecosystems and benefit from improved alignment with regulatory requirements.
#3. Sustain what they have
Leaders maintain existing investments. Leaders focus more of their budget allocations on looking after what they already have, compared with the non-leaders who place more emphasis on piloting and scaling new capabilities. In fact, non-leaders tend to spread their spending evenly across three core activities: scanning and piloting new capabilities; scaling new capabilities; and sustaining what they already have.
Leaders perform better at the basics. Data breaches happen when organisations fail at fundamental data protection practices. With more than half a million records exposed for 44 percent of non-leaders compared with only 15 percent of leaders in the last year, now, more than ever, it is critical for them to make sure the basics of data-centric security are in place. It is not only the right thing to do, but also critical if organisations are serious about protecting their data. For more information, read the report Achieving Data-Centric Security.
Invest for cyber resilience
Investment in new technologies is leading to a proliferation of tools for most organisations—yet they are seeing only 53 percent returns on average for these security investments. Read our report for how C-suite leaders and their Boards should act to be sure that their investments are protecting their organisations, for today and tomorrow.
Mastering cybersecurity execution
As our research shows, cyber resilience is achievable and replicable. Organisations need to stop attacks and improve their response to security failures, find and fix breaches faster and maintain a lower impact on the business.
By understanding adopting the lessons learned by the leaders, organisations can not only secure the path to cyber resilience, but also gain mastery in cybersecurity execution.