Skip to main content Skip to Footer

HIGH PERFORMANCE SECURITY REPORT 2016


PERCEPTION VS.

REALITY

Organizations are confident in their ability to protect themselves, yet breach rates are alarmingly high.




We recently surveyed 2,000 security executives at large, global enterprises and found that about one in three focused, targeted breach attempts succeeded.

Still, 75 percent of respondents were “confident” they were doing the right things with their security strategies, and a similar number said security is “completely embedded” in their cultures, with support from the highest-level executives.

Clearly, there’s a disconnect.

Surviving in this increasingly risky environment requires a cybersecurity “re-boot” to embrace an end-to-end approach that recognizes a spectrum of threats, minimizes exposure and identifies high-priority assets. This takes a few fundamental steps.

An organization will face over a hundred focused, targeted breach attempts every year… one in three of these will result in a successful security breach.

Executives must overcome erroneous perceptions and focus for success

Executives must overcome erroneous perceptions and focus for success


DEFINE

SUCCESS

To reframe their cybersecurity perceptions and build a new definition of success, business leaders must ask themselves several critical questions:

  • Are you confident that you have identified all priority business data assets and their location?

  • Are you able to defend your business from a motivated adversary?

  • Do you have the tools and techniques to react and respond to a targeted attack?

  • Do you know what the adversary is really after?

  • How often does your organization “practice” its plan to get better at responses?

  • How do these attacks affect your business?

  • Do you have the right alignment, structure, team members, and other resources to execute on your mission?

We believe security organizations need to improve the alignment of their strategies with business imperatives. While many organizations are making progress in compliance and risk management, security programs must continue to improve detection and prevention of more advanced attack scenarios.

BlockTitle

On average an organization will face 106 targeted cyberattacks each year




INVEST TO INNOVATE &

OUTMANEUVER

We recommend a hard look at seven key cybersecurity domains to identify potential opportunities where your money can be most effectively spent.

REBOOT YOUR APPROACH

REBOOT YOUR

APPROACH


See the results of our global survey, and learn what must be done.

LEAD FROM THE TOP

Ultimately, security is everyone’s job.

While cybersecurity has gained full attention on company agendas, many chief information security officers (CISOs) still feel locked out of the C-suite. This isn’t necessarily a conscious snub; it’s more of a question of the security organization’s maturity level.

To succeed, CISOs have to step beyond their comfort zones and materially engage with enterprise leadership. Doing so will require them to speak the language of business to make the case that the security team is a critical pillar in the battle to protect enterprise value.

At the same time, the CISO needs to build the board’s cyber literacy with the goal of making it an equal priority to business risk assessment.


Effective cybersecurity requires organizations to achieve greater maturity regarding the main role of the security organization: protect the business from devastating losses.

By grasping the bottom-line impact of a breach, organization leadership will be motivated to act quickly.

And, as digital security strategies and new solutions emerge, organizations that tie security efforts to real business needs will gain justifiable confidence in their ability to deal with relentless and fast-moving threats.

ABOUT THE

RESEARCH


Accenture Security sought to get an inside view into how companies deal with cyber threats.