Accenture’s State of Cyber Resilience research additionally revealed key traits of cyber resilient leaders. The report discovered a median of 270 assaults per yr per firm.
Greater than half (55%) of huge firms aren’t successfully stopping cyberattacks, discovering and fixing breaches shortly or decreasing the affect of breaches, based on a brand new analysis research from Accenture.
SEE: Safety incident response coverage (TechRepublic Premium)
Accenture’s State of Cybersecurity Resilience 2021 research explored the extent to which organizations prioritize safety, the effectiveness of present safety efforts and the way their safety investments are performing. The pandemic served as “a breeding floor for brand spanking new assaults,” based on the research, which was primarily based on a survey of greater than 4,700 executives globally.
There have been on common 270 assaults per firm over the yr, a rise of 31% in contrast with 2020, the Accenture research mentioned.
“From run-of-the-mill cybercriminals to stylish nation-state actors, cyber adversaries are getting extra resourceful at discovering new methods to hold out their assaults,” mentioned Kelly Bissell, who leads Accenture Safety globally, in an announcement. “Our evaluation reveals that organizations too usually focus solely on enterprise outcomes on the expense of cybersecurity, creating better danger.”
Whereas getting the stability proper is not simple, Bissell added, individuals who have a transparent view of the menace panorama and a powerful alignment on enterprise priorities and outcomes obtain better ranges of cyber resilience.
Battling cyberattackers stays a problem
The research additionally revealed that 4 in 5 respondents (81%) imagine that “staying forward of attackers is a continuing battle, and the fee is unsustainable,” a rise from 69% in final yr’s survey.
On the identical time, whereas 82% of survey respondents mentioned they elevated their cybersecurity spending this previous yr, the variety of profitable breaches—which embody unauthorized entry to knowledge, functions, companies, networks or units—jumped 31% over the earlier yr, to 270 per firm, on common.
SEE: The right way to handle passwords: Greatest practices and safety ideas (free PDF) (TechRepublic)
The report highlights the necessity to lengthen cybersecurity efforts past an organization’s personal partitions to its total ecosystem, noting that oblique assaults comparable to profitable breaches to a company by means of the availability chain—proceed to develop. As an illustration, regardless of two-thirds (67%) of organizations saying they believed that their ecosystem is safe, oblique assaults accounted for 61% of all cyberattacks this previous yr, up from 44% the prior yr, based on the research.
The right way to change into a “cyber champion”
Moreover, the analysis recognized a small group of firms that Accenture mentioned not solely excel at cyber resilience but additionally align with the enterprise technique to realize higher enterprise outcomes and return on cybersecurity investments. In contrast with different organizations, these so-called “cyber champions” are much more prone to:
- strike a stability between cybersecurity and enterprise goals
- report back to the CEO and board of administrators and show a far nearer relationship with the enterprise and CFO
- seek the advice of usually with CEOs and CFOs when creating their group’s cybersecurity technique
- defend their group from lack of knowledge
- embed safety into their cloud initiatives
- measure the maturity of their cybersecurity program at the very least yearly.
Organizations stand to scale back the price of breaches by 48% to 71% in the event that they enhance their efficiency to cyber champion ranges, the research mentioned.
There are three measures executives can take to make their organizations change into extra like cyber champions: give CISOs a seat on the prime desk, be threat-centric and business-aligned, and get essentially the most out of a safe cloud, based on the research.
Spending extra on cybersecurity with out being carefully aligned to the enterprise does not make a company safer, famous Jacky Fox, group know-how officer at Accenture Safety. “With regards to managing cyber dangers, organizations cannot afford to lean come what may.”
To attain sustained and measurable cyber resilience, CISOs “want to maneuver away from security-focused silos to allow them to collaborate with the appropriate executives of their organizations to achieve a 360-degree view of the enterprise dangers and priorities,” Fox mentioned.
Accenture Analysis surveyed 4,744 executives representing firms with annual revenues of at the very least $1 billion in 23 industries and 18 international locations throughout North and South America, Europe and Asia Pacific. To outline 4 ranges of cyber resilience, the agency mentioned it performed an evaluation on a pattern subset of three,455 organizations, with cyber champions accounting for five% of these. The research was fielded from March to April 2021.