The benefits of federal cyber resilience
August 20, 2020
August 20, 2020
Detailed modeling and statistical analysis of cybersecurity performance has identified a group of leaders that achieve significantly higher levels of cyber resilience compared with the non-leaders. Globally, 17 percent of respondents qualified as leaders with 28 percent of federal respondents recognized as leaders as well.
The statistical analysis revealed that leaders were characterized as among the highest performers in at least three of the following four categories:
Federal agencies on average perform significantly better than the average survey respondent, though not as well as the global leaders.
Leaders globally identify a higher number of direct attacks against them—an average of 239 cyberattacks compared with 166 for non-leaders—while having a higher success rate in defending against them.
Leaders see only nine security breaches per year compared with an average of 22 per year for non-leaders. In the global sample, leaders have nearly a fourfold advantage when dealing with security breaches.
Federal agencies face a higher average number of annual attacks versus the average organization surveyed, but despite facing 320 cyberattacks a year, on average only 17 breaches occur. 5.3 percent of attempted cyberattacks breach federal defenses, whereas 3.8 percent breach leaders and 13 percent succeed against non-leaders.
Key Enabling Technologies:
Time is critical when it comes to detecting a security breach, and leaders have distinct advantages, with 88 percent able to detect a security breach in less than one day on average. The remaining 12 percent were able to detect security breaches in seven days or less, meaning that nearly all breaches were discovered in a week or less.
For non-leaders, only 22 percent detected a security breach on the first day, with 83 percent of breaches detected in seven days or less.
Federal agencies perform better than average, but still shy of leaders. 45 percent can detect security breaches in less than a day, with 91 percent of breaches detected in seven days or less.
Key Enabling Technologies:
Maintaining mission and business continuity and rapid recovery speeds are other important aspects of cybersecurity resilience where leaders have clear advantages. Fully 96 percent of them plug security breaches in 15 days or less.
This compares with only 36 percent of non-leaders who said they remediate security breaches in 15 days or less on average. This means 64 percent take 16 to 30 days or more to remediate a security breach.
Federal agencies outperform non-leaders in speed of fixing breaches. 58 percent are able to fix security breaches in 15 days or less, with 42 percent requiring 16 to 30 days or more.
Key Enabling Technologies:
Speed of recovery is essential in minimizing the damage of a security breach and the level of impact on an organization. Leaders stated that 83 percent of all security breaches resulted in either no impact or a minor impact. Of the remaining security breaches, 10 percent are moderate impact and 6 percent are significant. This translates to a moderate security breach every 13 months, on average, and a significant breach every 22 months or so, on average.
Non-leaders have lower levels of performance, with 50 percent of security breaches delivering a moderate or significant impact.
Federal agencies perform better than non-leaders, but not as well as leaders. 42 percent of federal security breaches deliver a moderate or significant impact.
Key Enabling Technologies: