Cyber Resilience Benchmarks - Missed

Uploaded on 2020-04-14 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

In its 3rd Annual State of Cyber Resilience Survey the experts at Accenture questioned 4,644 executives representing companies with annual revenues of at least $1 billion. They came from 24 industries and 16 countries across North and South America, Europe, and Asia Pacific. Nearly all respondents (98%) were the sole or key decision maker regarding their organisation’s cyber security strategy and spending.

The survey found that some organisations are getting better at security basics with direct attacks down 11% compared to last year and security breaches dropped 27%. It also found that most companies, on average, spend 10.9% of their IT budgets on cybersecurity and they are spending their money wisely investing in advanced technologies like Artificial Intelligence and Machine Learning, and automation. 

According to Accenture, 84% of organisations spend more than 20% of their cyber security budgets on tools that use these advanced technologies for detection and response. This is up from 67% of cyber security spending three years ago.

Companies that want to compete must go digita, but the digital world has become complex andp rotecting against online threats, via cyber security, is a tough problem for businesses large and small.  

The top firms make the most of their security investments, but the worst have much lower threat detection rates, great adverse impacts and downtimes after a cyberattack, and more customer data being exposed. Accenture says companies experience an average of 22 security incidents annually, which equals a potential saving of $6 million per year for the least capable.

Here are four things that separate the leaders from the laggards:

1.They use the right metrics.
As costs rise and the number of third-party threats grows, it's even more critical that the money spent on security actually delivers effective and efficient results. Companies that get digital right spend to enhance operational speed, extract value from new investments, and sustain what they have. 

The least capable companies focus on measuring their cyber resilience, but the leaders want to know how quickly they're getting to that destination. 

According to Accenture, leaders take pride in how fast they can detect a security breach, mobilise a response, and return to business as normal. They also measure their resiliency, the number of systems that were compromised or stopped, and for how long, and how accurately they were able to pinpoint cyber incidents.  While leaders look for speed of threat detection, mitigation, and recovery, the non-leaders are more concerned with the outcomes they want to achieve: cyber operational technology resilience, repetition (the portion of breaches that come from repeated attempts of the same type), and cyber IT resiliency.

The non-leaders ought to rethink their priorities to gauge and ramp up how fast they detect, respond, and recover from cyber threats. They should replicate the methods leaders use to assess cybersecurity performance to attain higher levels of resilience.

2. They value speed.
Bouncing back from a security incident quickly is critical to minimising damage and reducing the impact on the organisation. That's why leaders who embrace speed say that 83% of the security incidents they experienced made little or no impact on their organisation's operations.

The leaders make the most of current technology. Artificial intelligence and machine learning was cited as the No. 1 source to detect and respond to incidents quickly. Such tools enable security leaders to find and remediate damage nearly three times faster than companies that don't use such tools, the report finds.The non-leaders should think hard about putting money into technologies that enable them to measure their cybersecurity performance through metrics such as faster detection, faster mitigation, and shorter recovery times.

There are numerous security vendors and effective tools avialble and  there's no time to waste in mitigating the effects of an attack. Companies must carefully scrutinise their security-provider service-level agreements and make sure they align with the company's needs.

3. They reduce impacts.
The third point relates to the second, in that failing to take advantage of the most advanced security technology means that attacks can last longer and create greater disruption and higher costs for an organisation. 

Fifty-five percent of the top companies had a business impact that lasted for more than a day. Nearly all (93%) of the laggards made the same claim. Getting the organisational impact down to less than a day is hard, even the leaders struggle to do it, but right now it's a more urgent challenge for the non-leaders who have plenty of room to up their game.

One of the principal reasons for failure is that many organisations operate with low degrees of security automation and rely on humans to fend off attacks.  Human error is one of the most common reasons for things to go badly wrong.

That's why, over the last year, 13% of the security leaders faced charges of regulatory violations versus 19% of the non-leaders. Also, 19% of the latter incurred fines, as opposed to only 9% of leaders. As the EU's General Data Protection Regulation can levy fines of over $100 million for violations, it's clear that noncompliance could result in fines that are even higher than the already considerable downtime costs.

4. They're team players.
When asked about how much collaboration matters, 79% of the respondents in the Accenture survey opined that working with law enforcement, government, and the broader security community will be essential to fighting cybercrime in the future. 
Organisations that are best employ more than five ways to unite strategic partners, the security community, and internal resources to grow awareness and understanding of cybersecurity issues, are twice as good at protecting themselves against attacks than those who take a less-thorough approach.

Corporate governance is also undergoing some changes and reporting security to CEOs has increased by 8 percentage points, but reporting to the board has shrunk by 12%. 

Direct reports to the CIO are down about 5% year-on-year, reducing a possible conflict of interest between both realms, with a general drift to the CTO of about 10% over the same period, the Accenture report highlights. Employee training is one of the more larger areas for improvement. Thirty percent of the security leaders said they train more than three-quarters of the people who need training on new security tools. Among non-leaders, the figure is only 9%.

Conclusion
If there's anything the Accenture report shows, it's that everyone, even the security leaders, can do better. Whether they are leaders or laggards, organisations should look at hard at where they're falling short and make every effort to improve.
Ultimately Accenture identified three key differences: 

  • Leaders invest for operational speed. They prioritise how quickly they can detect a breach, how quickly they can mobilise their response, and how quickly they can get operations back to normal. 
  • Leaders scale, train, and collaborate more than non-leaders to increase the value of their security investments. 
  • Leaders place more emphasis on maintaining existing investments and performing better at security basics.

In every case, putting money into boosting operational speed, extracting value from security investments, and stewarding what they have will put an organisation on the right road to effective cyber security. 

Those who do this best tend to choose advanced technologies that help them detect and respond to cyber-attacks fast. Once they settle on a security solution, they roll it out quickly. Indeed, the number of leaders who invest over one-fifth of their budget in advanced technologies has grown twofold over the past three years. As a result, these leaders have become more confident in their ability to extract more value from their investments and are outperforming companies that don't take the same rigorous, proactive approach to cyber security.

Accenture:      Dark Reading:      IT Governance:       SDX Central:      TechRepublic

You Might Also Read: 

Why Cyber Training Is So Important For Business:


 

« Experts Aim To Combat COVID-19 Cyber Attacks
5G Security: Possible Risks & Challenges »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Nmap Project

Nmap Project

Nmap Project is a Free and open source tool for network discovery, administration, and security auditing.

CERT-MU

CERT-MU

CERT-MU is the Mauritian National Computer Security Incident Response Team.

Deutsche Cyber-Sicherheitsorganisation (DCSO)

Deutsche Cyber-Sicherheitsorganisation (DCSO)

DCSO is an IT security specialist with a focus in three areas - technology management, managed security services, security consulting and auditing.

Riskified

Riskified

Riskified is a leading eCommerce fraud-prevention company, trusted by hundreds of global brands – from luxury fashion houses and retail chains, to gift card and ticket marketplaces.

Stealthbits Technologies

Stealthbits Technologies

Stealthbits Technologies is a cybersecurity software company focused on protecting an organization's sensitive data and the credentials attackers use to steal that data.

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

ShiftLeft

ShiftLeft

ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle.

ThreatModeler

ThreatModeler

ThreatModeler is an automated threat modeling solution that fortifies an enterprise’s Software Development Lifecycle by identifying, predicting and defining threats.

SearchInform

SearchInform

SearchInform is a leading risk management product developer, protecting business and government institutions against data theft, harmful human behavior, compliance breaches and incomplete audit.

Kinnami Software

Kinnami Software

Kinnami is a data security company that equips organizations with the tools they need to secure and protect highly confidential documents and data.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

UNS Inc.

UNS Inc.

UNS is a top services partner for multiple leaders in the global cybersecurity industry – we do business in 40 countries, including the United States, Canada, Chile, and Colombia.

Infiot

Infiot

Infiot is a pioneer in enabling secure, reliable access with zero trust security, network optimization, edge-intelligence and AI driven operations for all remote users, devices, sites and cloud.

Suffescom Solutions

Suffescom Solutions

Suffescom Solutions is a leading blockchain development company, assisting businesses in harnessing the true potential of blockchain technology.

Schellman

Schellman

Schellman is a leading provider of attestation and compliance services.

Space Hellas

Space Hellas

Space Hellas is a dynamic, established System Integrator and Value Added Solutions Provider, holding a leading position in the high technology arena.