Photo via Accenture

Only 17% of Organizations Globally Considered “Leaders” in Cyber Resilience, According to Accenture Study

Originally posted on Accenture.com

Despite higher levels of investment in advanced cybersecurity technologies over the past three years, less than one-fifth of organizations are effectively stopping cyberattacks and finding and fixing breaches fast enough to lower the impact, according to a new report from Accenture (NYSE: ACN).

Based on a survey of more than 4,600 enterprise security practitioners around the globe, Accenture’s Third Annual State of Cyber Resilience study explores the extent to which organizations prioritize security, the effectiveness of current security efforts, and the impact of new security-related investments.

From detailed modeling of cybersecurity performance, the study identified a group of elite “leaders” — 17% of the research sample — that achieve significantly better results from their cybersecurity technology investments than other organizations. Leaders were characterized as among the highest performers in at least three of the following four categories: stop more attacks, find breaches faster, fix breaches faster and reduce breach impact. The study identified a second group, comprising 74% of the respondents, as “non-leaders” — average performers in terms of cyber resilience but far from being laggards.

“Our analysis identifies a group of standout organizations that appear to have cracked the code of cybersecurity when it comes to best practices,” said Kelly Bissell, who leads Accenture Security globally. “Leaders in our survey are far quicker at detecting a breach, mobilizing their response, minimizing the damage and getting operations back to normal.”

For instance, leaders were four times more likely than non-leaders to detect a breach in less than one day (88% vs. 22%). And when defenses fail, nearly all (96%) of the leaders fixed breaches in 15 days or less, on average, whereas nearly two-thirds (64%) of non-leaders took 16 days or longer to remediate a breach — with nearly half of those taking more than a month.

“When a cyberattack prevents a pharmaceutical company from manufacturing drugs or a ship from docking at port — those are the kinds of crippling business impacts we’re most concerned about helping our clients avoid,” said Ryan LaSalle, who leads Accenture Security in North America. “If investments in technology don’t hit the mark when it comes to defending against cyberattacks, C-suite executives are not only jeopardizing their operations and finances but their brands and reputations as well.”

Photo via Accenture.com

Among the key differences in cybersecurity practices between leaders and non-leaders, the report identified:

  • Leaders focused more of their budget allocations on sustaining what they already have, whereas the non-leaders place significantly more emphasis on piloting and scaling new capabilities.
  • Leaders were nearly three times less likely to have had more than 500,000 customer records exposed through cyberattacks in the last 12 months (15% vs. 44%).
  • Leaders were more than three times as likely to provide users of security tools with required training for those tools (30% vs. 9%).

The study also found that more than four in five respondents (83%) believe that organizations need to think beyond securing just their own enterprises and take better steps to secure their vendor ecosystems. Additionally, while cybersecurity programs designed to protect data and other key assets are only actively protecting about 60% of an organization’s business ecosystem, which includes vendors and other business partners, 40% of breaches come through this route.

“The sizable number of vendor relationships that most organizations have poses a significant challenge to their ability to monitor that business ecosystem,” Bissell said. “Yet, given the large percentage of breaches that originate in an organization’s supply chain, companies need to ensure that their cyber defenses stretch beyond their own walls.”

Photo via Accenture

To learn more about the research, download the Third Annual State of Cyber Resilience study here.

Latest News

5 Biggest News Stories of the Week: June 23

Updated on June 24, 2022.  As the saying goes, the news never stops — but there’s a lot of it out there, and all of it doesn’t always pertain to our readers. In this weekly news roundup, we’ll cover the top news stories that matter most to our diversity focused…

How Feelings of Loneliness Can Affect Employees

As employees begin to return to the office – some part-time, some full-time – a clearer understanding is emerging of how severely COVID-19 impacted mental health. Among the many changes employees said they experienced while working remotely, the most common were feelings of loneliness caused by long periods of isolation….

Champions of Pride Part Two: Entertainers

Pride Month is a time to reflect on the trailblazers, freedom fighters, and history makers who fought valiantly to increase inclusion and representation for the LGBTQ community, and who have paved a way for a better tomorrow for future generations. In Part Two of our four-part series celebrating Champions of…

Educating Your Workforce on Juneteenth

Even as Juneteenth officially became a federal holiday in 2021, many employers likely have large portions of their workforce who remain unfamiliar with the details of the holiday. This month provides the perfect opportunity to explain the significance of Juneteenth not only for Black Americans but for all Americans. The…

5 Biggest News Stories of the Week: June 16

As the saying goes, the news never stops — but there’s a lot of it out there, and all of it doesn’t always pertain to our readers. In this weekly news roundup, we’ll cover the top news stories that matter most to our diversity focused audience. 1. Buffalo Supermarket Shooter…