2018 State of Cyber Resilience
Download as PPTX, PDF1 like66,318 views
The 2018 State of Cyber Resilience report indicates that while security teams have made progress against cyber attacks, the frequency of breaches has more than doubled, necessitating improvements in monitoring, detection, and prevention. The report outlines five strategies for enhancing cyber resilience, including strengthening foundational security measures, using advanced technologies, and increasing CEO and board engagement with cybersecurity. Ultimately, organizations can achieve cyber resilience within two to three years with continued investment and transformation in their security frameworks.
2018 State of Cyber Resilience
- 1. GAINING GROUND ON THE CYBER ATTACKER2018 State of Cyber Resilience
- 2. Copyright © 2018 Accenture. All rights reserved. 2 SECURITY TEAMS HAVE MADE PROGRESS DEFENDING AGAINST CYBER ATTACKS. BUT MORE NEEDS TO BE DONE.
- 3. As the number of attacks more than doubles, monitoring, detection and prevention: • improves cyber resilience • helps organizations perform better under pressure. IMPROVING CYBER RESILIENCE Copyright © 2018 Accenture. All rights reserved. 3 70% successfully defended 32 30 106 232 2017 2018 Security breaches Targeted attacks 87% successfully defended
- 4. GAIN GROUND ON THE CYBER ATTACKER. Copyright © 2018 Accenture. All rights reserved. 4 FIVE WAYS TO BECOME CYBER RESILIENT.
- 5. Despite progress, the basics still need attention Copyright © 2018 Accenture. All rights reserved. 5 1 Be brilliant at the basics. Protect valuable assets, from the inside out, across the value chain. • Harden your high-value assets • Protect legacy applications • Practice your response CISOs say 1/3 of their organization is not protected by their cybersecurity program. 33%
- 6. More damaging security breaches accelerate the need for cyber resilience Copyright © 2018 Accenture. All rights reserved. 6 2 Test your resilience, like an attacker. Enhance conventional red attack and blue defense team testing. • Coached incident simulation • Threat intelligence • Experienced player-coaches 72% Say it is not possible to appear “strong, prepared and competent” if security is breached
- 7. More need to invest in critical technologies against new threats Copyright © 2018 Accenture. All rights reserved. 3 Employ advanced technologies to automate defenses. Prepare for attackers who use advanced technology. • Automated orchestration capabilities enable teams to respond in near real-time • Advanced identity access management controls user access to data say new technologies are essential to securing the future of the organization. 83% 7
- 8. Confidence remains high but a proactive approach is needed Copyright © 2018 Accenture. All rights reserved. 4 Use intelligence and data to be proactive with threat hunting. Find the attackers before they find you. • Adopt a continuous response model • Develop strategic and tactical threat intelligence • Monitor for anomalous and suspicious activity say cyber attacks are still a “bit of a black box; we do not know how they will affect our organization.” 71% 8
- 9. Higher CEO and board engagement place new demands on the CISO Copyright © 2018 Accenture. All rights reserved. 5 The CISO needs to adapt. Evolve the role of the CISO to be more integrated with the business. • Business adept and tech-savvy • At home in the C-suite and the security center • Able to infuse a ‘security first’ culture everywhere 33% 30% 22% CEO BOARD CIO Who does the CISO report directly to? 9
- 10. Copyright © 2018 Accenture. All rights reserved. 10 SECURITY FROM THE INSIDE OUT Security teams perform better, despite more attacks. Leaders should embrace the good news Investments are proving to be wise. Organizations show they can perform better under greater pressure. But transformation does not end here Improvements must continue. Organizations could achieve cyber resilience within two to three years.
- 11. Copyright © 2018 Accenture. All rights reserved. 11 ABOUT THE RESEARCH 2018 STATE OF CYBER RESILIENCE In 2017, Accenture Security surveyed 2,000 executives to understand the extent to which organizations prioritize security, how comprehensive their security plans are, what security capabilities they have, and their level of spend on security. Just over a year later, Accenture Security undertook a similar survey, this time interviewing 4,600 executives—representing organizations with annual revenues of $1bn or more—from 19 industries and 15 countries across North and South America, Europe and Asia Pacific. More than 98 percent of respondents were sole or key decision-makers in cybersecurity strategy and spending for their organization. LEARN MORE accenture.com/stateofcyber
- 12. Copyright © 2018 Accenture. All rights reserved. 12 About Accenture Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions—underpinned by the world’s largest delivery network— Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With approximately 442,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com About Accenture Security Accenture Security helps organizations build resilience from the inside out, so they can confidently focus on innovation and growth. Leveraging its global network of cybersecurity labs, deep industry understanding across client value chains and services that span the security lifecycle, Accenture protects organization’s valuable assets, end-to-end. With services that include strategy and risk management, cyber defense, digital identity, application security and managed security, Accenture enables businesses around the world to defend against known sophisticated threats, and the unknown. Follow us @AccentureSecure on Twitter or visit the Accenture Security blog.