US government agencies are confident
in their overall cybersecurity strategies
but do their operational
As a target for security threats, the public sector is unique, experiencing over 50 times more cyber incidents than any other industry.1 US federal, state and local government agencies need to improve key aspects of their digital defenses against this threat landscape. According to a recent Accenture survey, many respondents are highly confident about their cybersecurity programs overall, while far fewer feel the same about their performance at the operational level—especially when it comes to monitoring, identifying and measuring cyber breaches. Based on the survey findings, Accenture believes government agencies need to “reboot” their cybersecurity strategies to address critical gaps and to align the security program with their overall mission. The best rebooting approach is one that clearly defines cybersecurity success and “pressure tests” capabilities; spends wisely on innovation; makes security everyone’s job; and leads from the top of the organization.
1 Verizon, 2016 Data Breach Investigations Report, 2016, 4.
Most government executives express high levels of confidence that their cybersecurity strategies are achieving desired outcomes. However, confidence levels begin to drop when it comes to monitoring, identifying and measuring breaches.
And while many federal agencies consider cybersecurity a top priority that they have completely embedded in their cultures, most also admit attacks are often unpredictable. In fact, almost 90 percent of respondents agree with the statement, “cyberattacks are a bit of a black box; we don’t quite know how or when they will affect our organization.”
When a breach does occur, over two-thirds (67 percent) of respondents say their agencies turn to “communication channels to law enforcement” as their most effective response, followed by their own internal cross-functional teams (66 percent) and standard operating procedures (50 percent). While bringing in a third party can be effective, it relies on the abilities of the agency’s own security personnel to monitor and identify breaches in the first place, which requires strong cybersecurity capabilities.
Furthermore, many agencies are aware that the tools and technologies they use to safeguard digital assets do not provide the protection they require. In fact, fewer than 15 percent of government respondents say their “established technology and/or start-up technology” is effective when responding to breaches.
At the same time, only about one third expressed satisfaction with their
organization’s abilities in three critical areas:
As the velocity and aggressiveness of cyberattacks escalate, government agencies need to adopt new strategies to identify and respond to rapidly evolving security threats. For many, that will necessitate a cybersecurity “reboot,” one that recognizes success will require an end-to-end approach that considers threats across the spectrum of their service offerings and the agency´s ecosystem.
Government departments can deal effectively with the high-impact cyber threats they face by pursuing the following actions:
Define cybersecurity success,
and then “pressure test” capabilities by engaging good-guy “white hat” external hackers in real “sparring matches” with agency’s cybersecurity team to quickly determine its skill levels.
Make security everyone’s job
To build a culture of cybersecurity awareness, agencies should view state-of-the-art cybersecurity as an organizational mindset.
Spend wisely on innovation,
looking across seven key cybersecurity domains, which include cyber response readiness and cyber resilience, to spot security gaps and close them.
Lead from the top
Security leaders need to step beyond traditional comfort zones and materially engage with agency leadership on a day-to-day basis.