Organizations are gaining ground on the damaging impact of targeted cyber attacks, proving that recent security investments are paying off. Despite the number of targeted cyber attacks doubling in the last year, companies are improving cyber resilience and demonstrating they can perform better under pressure. But there is more work to be done. Now is the time to build on this momentum by drawing on investment capacity to fully realize the benefits of cyber resilience. Accenture reveals five steps organizations can take to close the gap on cyber attackers and continue to embed security into the fabric of their organizations within the next two to three years.
2018 State of Cyber Resilience
Organizations’ cyber resilience has significantly improved over the last year, despite the increased pressure from targeted cybersecurity attacks, which have more than doubled since 2017. Only one in eight targeted attacks are getting through in 2018, compared with one in three just over a year ago. And the digital technologies that created much of this disruption in the first place are also proving to be an important part of the solution. Eighty-three percent of survey respondents believe breakthrough technologies, like artificial intelligence, machine or deep learning, user behavior analytics, and blockchain, are essential to securing the future of their organizations. Growing support and increased investment for cybersecurity in recent years are starting to pay dividends and, as a result, business leaders are gaining ground on cyber attackers.
In the beginning, digital technologies were alien to organizations and their cultures. But over time this changed, as C-suites and boards became more familiar with digital and its unprecedented ability to transform growth. Today, digital is integral to core business strategies. Organizations are poised to do the same with cybersecurity. But first, organizations need to change the way they are approaching security:
Security teams are getting better—but there is still work to be done. Organizations are now preventing 87 percent of all targeted attacks. But they still face two to three security breaches a month.
Organizations could be cyber resilient in two to three years—but pressure grows daily. Ninety percent of respondents expect investment in cybersecurity to increase in the next three years but only 31 percent expect that increase to be significant (double or more).
New technology is critical—but investments are lagging. Eighty-three percent agree new technology is essential. Only two out of five are investing in AI, machine learning and automation technologies.
Confidence remains high—but a more proactive approach to cybersecurity is needed. More than 80 percent of respondents are confident about monitoring for breaches. But 71 percent say cyber attacks are still a “bit of a black box” and do not know when or how they will impact their organization.
The C-suite and board are more active in cybersecurity—but the CISO’s role must adapt. Twenty-seven percent of cybersecurity budgets are authorized by the board of directors and 32 percent by the CEO. The CISO’s role needs to evolve, to be more integrated with the business.
Five steps to cyber resilience
Organizations interested in innovative business models, building extended business ecosystems and adopting more flexible workforce arrangements need to find a secure and safe way to do so. Here are five steps that can help:
Build a strong foundation.
Identify high-value assets and harden them. Prioritize legacy systems. And prepare for the worst.
Pressure test resilience like an attacker.
Enhance both red attack and blue defense teams with player-coaches that use threat intelligence and communicate closely to provide analysis on where improvements need to be made.
Employ breakthrough technologies.
Automate defenses. Use automated orchestration capabilities and advanced behavioral analytics.
Be proactive and use threat hunting.
Develop strategic and tactical threat intelligence. Monitor for anomalous and suspicious activity.
Evolve the role of CISO.
Progress the next-generation CISO—business adept and tech-savvy.
Security from the inside out
Security teams should feel proud that they are realizing greater success, with the right capabilities, in increasingly difficult circumstances. Drawing on investment capacity for cybersecurity is proving to be wise. Performance improvements have been made, even in the face of more attacks. But transformation does not end here. In fact, the analysis shows that if it continues and companies follow the same path, within two to three years they could achieve a sustainable level of cyber resilience—where security becomes “business as usual,” embedded into the fabric of the organization.
About the research
Survey of 4,600 security decision makers at US$1B+ companies in 15 countries to understand the effectiveness of security efforts and the adequacy of existing investments.
What is a targeted cyber attack?
A targeted cyber attack has the potential to penetrate network defenses and either cause damage, or extract high-value assets and processes from within an organization. This excludes the thousands of low-level, speculative attacks organizations face daily.
What is cyber resilience?
The cyber-resilient business brings together the capabilities of cybersecurity, business continuity and enterprise resilience. It applies fluid security strategies to respond quickly to threats, so it can minimize the damage and continue to operate under attack. As a result, the cyber-resilient business can introduce innovative offerings and business models securely, strengthen customer trust, and grow with confidence.