Governing in the Age
of Cyber Threats


Governments around the world are working to meet citizens’ growing expectations for more and better digital public services: Across postal and revenue, policing and social services, or defense and back-office administration, digital technologies are fuelling incredible innovations.

Platform-based ecosystems for connecting everyone involved in delivering services. Mobile apps for empowering citizens and government workers. And unprecedented personalization of online citizen experiences—all aimed at greatly improved outcomes and satisfaction with our governments, the services they provide and our interactions with them.

Yet the same technologies that can enable better services and enhance citizen experiences also contribute to cybersecurity risks. Whether originating from inside a government agency or from an actor on the other side of the globe, cyber threats are real, they are growing in number and complexity and, unfortunately, they are here to stay.

In the face of those realities, how can government effectively and efficiently safeguard systems and data? Success lies not only in investing in the latest security technology, perimeter protection, or monitoring services—though these all have a role in a cybersecurity program. Success also lies in developing and instituting a practical, proactive approach: Assess the risks. Build a flexible strategy. Engage the blend of technical and government expertise essential to staying ahead of emerging risks.




A recent Accenture global survey of 2,000 cross-industry security executives revealed that roughly one in three targeted breach attempts against their organizations succeeds.


More than half of security executives admit it takes “months” to detect successful breaches. Another 17 percent said they identify attacks within a year or longer.


Security executives indicated that internal security teams discover only 65 percent of effective breaches. The rest are found by employees, law enforcement and ethical hackers known as “white hats.”


Though risks are always changing, here are some of the most pressing:

Rise of ransomware: In 2017, the “WannaCry” ransomware attack affected an estimated 200,000 organizations in 150 countries world-wide, locking-up the data of factories, hospitals, shops and schools across the world, and sending security companies scrambling to develop urgent fixes. The very rapid spread of “WannaCry” globally was largely down to it affecting outdated Windows systems that are no longer security patched by Microsoft.

Internet of Things (IoT) security: A growing number of “things”—from cameras to coffeepots—are going online. But with IoT devices, security often has been an afterthought. That can leave government-owned and—operated IoT devices vulnerable to breach. Today, there is the growing prospect of IoT devices being taken over and transformed into a “bot” to effect ever-greater damage.

Cloud security: Cloud computing must be undertaken with a careful eye toward security threats and risks. Citizens and public service leaders are becoming keenly aware of the potential for both great new opportunities provided by the cloud, and the potential dangers these present.

Mobile Threats: With smartphones in so many pockets, these devices have become a valuable channel for engaging citizens and delivering public services. However, options are still limited when it comes to strong authentication and data encryption for most mobile devices. That presents a real risk if a device is stolen. Looking for the latest technologies to achieve strongest authentication and encryption is key.

Industrial Internet of Things/Industrial Control Systems: Connected devices are gaining ground—and introducing new risks—in a host of industrial and infrastructure settings. As power plants, transportation systems and other providers of state-run infrastructure adopt IoT-enabled capabilities, governments need strategies and plans for ensuring the continuity and security of their vital resources.


Build a cybersecurity strategy. Build a cybersecurity strategy.
Assess risk. Assess risk.
Lead security efforts with intelligence, and rely on advanced analytics. Lead security efforts with intelligence, and rely on advanced analytics.
Invest in cybersecurity talent. Invest in cybersecurity talent.
Increase stakeholder collaboration. Increase stakeholder collaboration.

Stay In The Know

Receive e-mails from Accenture featuring new content that matches your interests.

Visit the subscription center to make your selections and subscribe to New from Accenture.


Ger Daly

Senior Managing Director, Global Defense & Public Safety, Health & Public Service, Accenture

Mail to Ger Daly. This opens a new window. Follow Ger Daly on Twitter. This opens a new window. Connect with Ger Daly's Profile on LinkedIn. This opens a new window.

Dr. Kevin O’Brien

Senior Principal, Global Security & Intelligence, Health & Public Service, Accenture

Mail to Kevin O’Brien. This opens a new window. Follow Kevin O’Brien on Twitter. This opens a new window. Connect with Kevin O’Brien's Profile on LinkedIn. This opens a new window.

Dr. Valtteri Vuorisalo

Senior Principal, Global Defense & Security, Health & Public Service, Accenture

Mail to Valtteri Vuorisalo. This opens a new window. Follow Valtteri Vuorisalo on Twitter. This opens a new window. Connect with Valtteri Vuorisalos Profile on LinkedIn. This opens a new window.