You only have to look around you, whether at work or at home, to see evidence that life is good. Most of us are lucky enough to have the right tools and conditions to help us be efficient and effective in our jobs. And a lot of people are living well within Maslow’s hierarchy of needs. But as any behavioral scientist will tell you, what seems initially positive on the outside often masks underlying issues.
It’s a situation we’re seeing in the Third Annual State of Cyber Resilience report. At first glance, the basics of cybersecurity are improving and cyber resilience is on the rise. Our latest research shows that most organizations are getting better at preventing direct cyberattacks. But in the shape-shifting world of cybersecurity, attackers have already moved on to indirect targets, such as vendors and other third parties in the supply chain. For many, this means new battlegrounds even before they have mastered the fight in their own back yard. At the same time, cybersecurity cost increases are reaching unsustainable levels and, despite the hefty price tags, security investments often fail to deliver. As a result, many organizations face a tipping point.
Leaders are doing it for themselves
Our analysis reveals there is a group of standout organizations that have found a way through. This group of leaders—around 17 percent of our sample—stop more attacks, find and fix breaches faster, and reduce the breach impact.
Here’s some practical pointers to how the non-leaders might step up:
|What leaders do||Performance targets for non-leaders|
|Leaders have nearly a fourfold advantage in stopping targeted cyberattacks.||Reduce the number of cyberattacks that result in a security breach from 1-in-8 to 1-in-27 or better.|
|Leaders have a fourfold advantage in detection speed.||Reduce the average detection rate for a security breach from up to seven days or more to less than one day.|
|Leaders have a threefold advantage in speed of remediation.||Reduce the average time to remediate a security breach from up to a month or more to 15 days or less.|
|Leaders have a twofold advantage in containing damage impact.||Ensure at least four out of five security breaches have no impact or only a minor impact.|
Of course, it isn’t only targets that matter. There’s a mind-set at play here, too. So, what do leaders do differently to become more resilient? Three things set them apart:
I am heartened by our findings from this year’s report. The fact of the matter is that we at least know what differentiates a leader and that gives the non-leaders, who are by no means laggards but could do with a helping hand, a chance to catch up.
If you’d like to find out where your organization stands when it comes to the effectiveness of your cybersecurity investments, why not get in touch? Our Accenture Security Diagnostic enables you to benchmark your organization’s cybersecurity program capabilities against those of your peers wrapped up in a personalized report. At least you’ll find out if there is anything lurking under the surface of your current cybersecurity strategy’s success.
About Accenture Security
Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions—underpinned by the world’s largest delivery network—Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 469,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.
Accenture Security helps organizations build resilience from the inside out, so they can confidently focus on innovation and growth. Leveraging its global network of cybersecurity labs, deep industry understanding across client value chains and services that span the security lifecycle, Accenture protects organizations’ valuable assets, end-to-end. With services that include strategy and risk management, cyber defense, digital identity, application security and managed security, Accenture enables businesses around the world to defend against known sophisticated threats, and the unknown. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.
This document is produced by consultants at Accenture as general guidance. It is not intended to provide specific advice on your circumstances. If you require advice or further details on any matters referred to, please contact your Accenture representative.
Copyright © 2020 Accenture. All rights reserved. Accenture and its logo are trademarks of Accenture.