Federal agencies, like all large global organizations, are under attack from bad actors. Though they share many of the same challenges as commercial entities (e.g., deficit of cybersecurity professionals and overabundance of segregated security technologies), they also face unique compliance requirements and acquisition challenges that complicate their approach to cyber resilience.
Existing long-term government procurement processes, combined with a systemic focus on compliance, can hinder effective federal cyber response. This makes it difficult to acquire and implement the right tools while also creating false confidence in the agency’s security.
Yet despite the challenges, results from Accenture’s Third Annual State of Cyber Resilience report demonstrate that federal agencies on average perform on par or better than the rest of the global population. But there is room for improvement when agencies are compared to the subset of respondents deemed “leaders” based on their survey responses.
Follow the leaders
A core group of leaders (which includes 28% of federal respondents) has shown that cyber resilience is achievable and can be reproduced. By investing for operational speed, driving value from these investments, and sustaining what they have, they are well on the way to mastering cybersecurity execution.
Leaders often take a more considered approach to their use of advanced technologies by choosing those which help deliver the speed of detection and response they need to reduce the impact of cyberattacks. The number of leaders spending more than one-fifth of their budget on advanced technologies has doubled in the last three years, and once they do invest in technology, they scale fast. The combined result is a new level of confidence from leaders in their ability to extract more value from these investments— and by doing so, exceed the performance levels of the non-leaders.
The federal case for managed cybersecurity
Our research documents that extraordinary disparities exist between high and low performing security organizations, including within the federal government. These disparities are often the result of:
- A talent gap: There is a massive deficit in available resources in the security industry. Finding qualified staff to manage an in-house security team is challenging.
- Technology complexity: There are more than 3,000 distinct cybersecurity vendors. Each organization’s security stack is different with varying levels of effectiveness. And each unique technology requires staffing.
- Functional capability gap: Some organizations are better equipped to manage and analyze security data to aid in better organizational decision making.
A cyber managed service can directly address each of the disparities to move agencies quickly into a stronger cyber resilient position, removing the complexity and false sense of security.
Furthermore, cyber managed services combat the inefficiencies and weaknesses that can result from slow government procurement processes. How can an agency choose technologies (often down to the SKUs) that will protect it from threats two years from now – let alone five years? They can’t make that decision effectively without knowing the unknowable, namely, what attacks will look like in the future, and what new technologies will be available to aid in defense.
Flexible contracting models, with an emphasis on managed service solutions based on delivery outcomes via contractual service level agreements and key performance indicators, help federal agencies’ cyber resilience evolve as threats do too.
The benefits of cyber managed services include:
- Shared threat intelligence: Agencies share information about threats, attacks, and effective response strategies.
- Ongoing system updates: Update one agency’s security solutions, it gets rolled out to other agencies.
- Reduced costs: Lower cost to agencies because each agency won’t have to build and man its own tech stack.
- Capability leap: Transition to a managed security service provides automation, orchestration, enrichment, intelligence, attacker emulation, and hunting at a scope and scale that most agencies would require 3-5 years to implement and operate.
- Improved defense and performance: Achieve service level agreements and key performance indicators (e.g., mean time to detect, respond, and resolution; true positive rate; alert coverage; percent of automated response; and more) well beyond what most individual organizations can achieve.
- More rapid technology evolution: Vendor responsible for tracking new technology and evolving threats, ensuring continuous introduction of new capabilities and features at the same fixed rate.
As your agency continues its journey to improve against all key metrics – stopping more attacks, finding and fixing breaches faster, and reducing breach impact – Accenture can help you assess your current processes and technologies. We can help you define a strategy, architecture, and roadmap for strengthening your cyber posture in a sustainable, scalable, and agile manner. We can also help you assess if a managed service approach to cybersecurity can deliver cost and performance benefits for your agency.