The integration of end-to-end monitoring, real-time threat intelligence, and preprogrammed incident responses means that the preponderance of low-level and repetitive alerts is handled automatically. In the case of Accenture XDR for Government, up to 80 percent or more of these event alerts are resolved, with a 95 percent true positive rate (vs. 75 percent industry average), without human intervention. The remaining alerts are sent to tier 2 and 3 analysts. This approach ensures 100 percent alert coverage and continuous vigilance while decreasing alert fatigue, which is a hidden threat in many organizations.
Accenture XDR for Government also delivers faster incident response and remediation. It detects an incident in production environments, on average, in under one minute and offers a service level objective (SLO)-defined response time of fifteen minutes or less. It also follows US-CERT SLA and reporting requirements. This performance compares very favorably with an industry average of often days or weeks to detect, respond to, and remediate attacks and breaches.
A recent Ponemon Institute report, The Cybersecurity Illusion: Enterprise Security Remains Reactive, showed that only 24 percent of organizations have a robust cyber metrics program in place, and only 60 percent tracked any meaningful metrics at all. Accenture XDR for Government works to fill this gap by mapping all detections to the MITRE ATT&CK framework for further analysis, while a customer portal provides a real-time view of an agency’s security posture. This approach builds collective knowledge of the threat environment's true nature and sets the stage for continuous performance improvement.
The end result is that managed security services like Accenture’s federal offering not only provide more extensive coverage with better threat detection and faster remediation in many cases, but also back this improved performance with measurable key performance indicators (KPIs) and enforceable SLAs.
The business case for managed security services
As with other outsourced services like cloud, managed security services offer better performance at a lower cost. These savings are driven by reliance on common, best-of-breed infrastructure, the widespread use of analytics, AI and automation, and operational economies of scale that reduce the cost to provide true 24/7/365 coverage with highly skilled threat analysts.
Consider, for example, a 3,000-person federal agency with 5,000 endpoints under management. Analysis indicates that it could achieve a $3.4M cumulative net benefit over the first three years of implementing Accenture XDR for Government. These benefits include a 32 percent reduction in operating costs that creates $1.5M in direct cost savings and avoidance. The added value derives from quantifiable performance improvements and risk reduction.
Another agency with 4,500 employees forecasted $10M in hard cost savings over five years with Accenture XDR for Government. The agency would also enjoy a $5M added value benefit from automated incident response and integrating threat intelligence to improve operational efficiency and effectiveness.
This makes Accenture XDR for Government the rare solution that delivers better performance and protection at less cost. It is also the only XDR solution offered as a managed service with current FedRAMP authorization for deployment within a federal environment.
Managed security services can serve as the SOC for an agency or augment existing security structures. Smaller agencies that must meet the same compliance mandates and standards as their larger peers may want to go with a fully managed solution. Larger agencies – those that may want to or must legally keep some data on-premises – should consider a hybrid approach that allows data to reside on site while still leveraging the efficiency gains from a managed service.
The use of managed security services will grow in federal agencies as it did with other outsourced technologies. The undeniable business case will ultimately push the service model forward. Government agencies already benefit from outsourced services. It is time the security stack joins the other groundbreaking technologies agencies benefit from because of the “as-a-service” model.