Achieving federal cyber resilience
August 20, 2020
August 20, 2020
Cybersecurity is improving globally, and cyber resilience is on the rise. Accenture’s latest research shows that most organizations, including federal agencies, are getting better at defending against cyberattacks. But as defenses evolve, so too do the threats. Attackers have already moved on to indirect targets, such as suppliers and other third parties. This leads to massive vulnerability for federal agencies that rely heavily on a contractor network to achieve their missions.
And while vulnerabilities continue to shift, cybersecurity costs are reaching unsustainable levels. Despite the hefty price tags, security investments often fail to deliver the desired security outcomes. This is particularly challenging for large federal agencies that cannot implement security solutions consistently throughout their organizations. Proliferation of outdated, hodgepodge legacy security solutions complicate progress.
But there is good news. Accenture’s analysis reveals there is a group of standout organizations within the public and private sectors that have cracked the cybersecurity code for innovation. Detailed modeling of cybersecurity performance identified an elite group of leaders — 17 percent globally — that achieved significantly higher levels of performance compared to the rest. Federal agencies outperformed the global sample, with 28 percent qualifying as leaders.
These leading organizations set the bar for performance:
Our research also identified specific best practices being adopted by these leaders, including:
Federal agencies can reduce costs—both in terms of the cybersecurity protection cost to the organization and the wider economic impact—by modeling their behavior after that of the leaders:
$380K
The average cost for non-leaders globally to defend and remediate a successful cyber breach.
$107K
The average cost for leaders globally to defend and remediate a successful cyber breach.
If agencies perform at the same level as leaders—having the same proportion of attack types and the same time to detect and fix responses—Accenture’s detailed modeling indicates they could reduce the cost per attack by 72 percent.
For the purposes of this research, we investigated targeted cyberattacks. These have the highest potential to both penetrate network defenses, cause damage, and extract high-value assets from within the organization. This excludes the deluge of hundreds—if not thousands—of speculative attacks organizations face on a daily basis.
What is cyber resilience? Cyber resilience brings together the capabilities of cybersecurity, business continuity, and enterprise resilience. It applies holistic security strategies to help federal agencies and other organizations respond quickly to threats so they can minimize the damage and continue to operate under attack.
In Accenture’s Third Annual State of Cyber Resilience Report – Federal Edition, we surveyed 4,644 executives, including 100 federal professionals, to identify what sets leaders apart. Our experts compiled key findings to benefit all organizations.
30 minute read
10 minute read