Detailed modeling and statistical analysis of cybersecurity performance has identified a group of leaders that achieve significantly higher levels of cyber resilience compared with the non-leaders. Globally, 17 percent of respondents qualified as leaders with 28 percent of federal respondents recognized as leaders as well.

The statistical analysis revealed that leaders were characterized as among the highest performers in at least three of the following four categories:

  1. Stop more attacks
  2. Find breaches faster
  3. Fix breaches faster
  4. Reduce breach impact

Federal agencies on average perform significantly better than the average survey respondent, though not as well as the global leaders.

Chart of cybersecurity performance characteristics across cyber leaders, non-leaders, and federal agencies

Stop more attacks

Leaders globally identify a higher number of direct attacks against them—an average of 239 cyberattacks compared with 166 for non-leaders—while having a higher success rate in defending against them.

Leaders see only nine security breaches per year compared with an average of 22 per year for non-leaders. In the global sample, leaders have nearly a fourfold advantage when dealing with security breaches.

Federal agencies face a higher average number of annual attacks versus the average organization surveyed, but despite facing 320 cyberattacks a year, on average only 17 breaches occur. 5.3 percent of attempted cyberattacks breach federal defenses, whereas 3.8 percent breach leaders and 13 percent succeed against non-leaders.

Average number of security breaches and targeted cyber attacks for leaders, non-leaders, and federal agencies

Key Enabling Technologies:

  1. Next-Generation Firewall (NGF)
  2. Security Orchestration, Automation, and Response (SOAR)
  3. Privileged Access Management (PAM)

Find breaches faster

Time is critical when it comes to detecting a security breach, and leaders have distinct advantages, with 88 percent able to detect a security breach in less than one day on average. The remaining 12 percent were able to detect security breaches in seven days or less, meaning that nearly all breaches were discovered in a week or less.

For non-leaders, only 22 percent detected a security breach on the first day, with 83 percent of breaches detected in seven days or less.

Federal agencies perform better than average, but still shy of leaders. 45 percent can detect security breaches in less than a day, with 91 percent of breaches detected in seven days or less.

Graph of the average time to detect a security breach across cyber leaders, non-leaders, and federal agencies, showing that 100% of leaders find a breach in 7 days or less

Key Enabling Technologies:

  1. Artificial Intelligence (AI)
  2. Security Orchestration, Automation, and Response (SOAR)
  3. Next-Generation Firewall (NGF)

Fix breaches faster

Maintaining mission and business continuity and rapid recovery speeds are other important aspects of cybersecurity resilience where leaders have clear advantages. Fully 96 percent of them plug security breaches in 15 days or less.

This compares with only 36 percent of non-leaders who said they remediate security breaches in 15 days or less on average. This means 64 percent take 16 to 30 days or more to remediate a security breach.

Federal agencies outperform non-leaders in speed of fixing breaches. 58 percent are able to fix security breaches in 15 days or less, with 42 percent requiring 16 to 30 days or more.

Graph of percentage of breaches remediated within timelines across cyber leaders, non-leaders, and federal agencies, showing that leaders fix 10% of breaches in 30 days or less

Key Enabling Technologies:

  1. Security Orchestration, Automation, and Response (SOAR)
  2. Artificial Intelligence (AI)
  3. Next-Generation Firewall (NGF)

Reduce breach impact

Speed of recovery is essential in minimizing the damage of a security breach and the level of impact on an organization. Leaders stated that 83 percent of all security breaches resulted in either no impact or a minor impact. Of the remaining security breaches, 10 percent are moderate impact and 6 percent are significant. This translates to a moderate security breach every 13 months, on average, and a significant breach every 22 months or so, on average.

Non-leaders have lower levels of performance, with 50 percent of security breaches delivering a moderate or significant impact.

Federal agencies perform better than non-leaders, but not as well as leaders. 42 percent of federal security breaches deliver a moderate or significant impact.

Graph of security breaches by level of impact across cyber leaders, non-leaders, and federal agencies, showing that 58% of leaders have breaches with no impact, compared to 35% of federal agencies and 24% of non-leaders

Aaron Faulkner

​Managing Director – Accenture Federal Services, Cybersecurity Lead


MG(R) George Franz

Managing Director – Accenture Federal Services, Cybersecurity, Defense Lead


David Dalling

Director – Accenture Federal Services, Cybersecurity, XDR Capability Lead


Jason Layman

Managing Director – Accenture Federal Services, Technology Strategy & Advisory Lead

MORE ON THIS TOPIC

Leaders on how to master cybersecurity execution
What if your data could secure itself?
Modernize with impact

Subscription Center
Stay in the Know with Our Newsletter Stay in the Know with Our Newsletter