Last September, Accenture published the research “Gaining Ground On the Cyber Attacker 2018 State of Cyber Resilience” and highlighted the doubling of the cyberattacks number suffered by the companies (232 on average in 2018 versus 106 in 2017 at international level), but also the improvement of the companies’ ability to identify and counter these attacks.
The attacks number has more than doubled between 2017 and 2018…
This research deserves attention as it differentiates from many very alarmist reports. If everything is not perfect, in particular due to the ingenuity and increasing complexity of the attacks, the companies continue to improve their defense capacity, were able to strengthen their cyber resilience and stood efficient despite the threats. The companies are able to defend themselves better, particularly by detecting the attacks much earlier.
… But where a third of the attacks were successful in 2017, the part of successful attacks decreased to 1 on 8 (12,5%) in 2018.
A report that blows hot and cold
Security teams have made great progress but there is still more work to be done. Companies now prevent 87% of all targeted attacks, but are still facing two to three security breaches per month on average.
Companies might be cyber resilient in two to three years, but the pressure and the threats’ complexity increase every day. If 90% of the respondents expect the investment in cybersecurity to increase in the next 3 years, only 31% think that it will be sufficient.
The new technologies are essential, but the investments are lagging behind. If 83% of the respondents agreed that new technologies are essential, only two out of five are investing in AI, machine learning and automation technologies.
Confidence around cybersecurity measures remains high, but a more proactive approach of the cybersecurity is needed. If more than 80% of the respondents are confident in their capacity to monitor breaches, on the other hand 71% said that cyberattacks are still a bit of a black box, they do not know how or when they will affect their organization.
The board of directors and management are more engaged with cybersecurity. 27% of cybersecurity budgets are authorized by the board of directors and 32% by the CEO. The role and responsibilities of the CISO must improve towards more transversality in the company.
5 steps to cyber resilience
Accenture highlights five steps to optimize the companies’ defense and move towards the ultimate aim of cyber resilience in a world that continues to change towards new threats territories (artificial intelligence, omnipresence of the cloud, social networks, smartphones, internet of things) for more and more complex threats difficult to counter and a need becoming strategic: the data protection.
- Build a strong foundation by identifying high value assets, in order to better protect them including from internal risks. It is necessary to ensure that controls are implemented throughout the value chain of the company.
- Test the IT security by training cybersecurity teams to the best hackers’ techniques. The role plays staging an attack and defense team with training coaches can allow to bring out the improvement points.
- Employ new technologies. For a company, it is recommended to invest in technologies able to automate cyber defense and in particular to use the new generation of identity management which relies on multi-factor authentication and the user behavior monitoring.
- Be proactive and anticipate threats by developing a strategic team (“threat intelligence”) in charge of evolving an intelligent security operation center (SOC) relying on a collect and mass analysis of the data (“data-driven approach”).
- Evolve the role of the CISO (Chief information security officer). The CISO is closer to professions, they find the right balance between security and risk taking and they communicate more and more with the executive management, which now holds 59% of the security budget versus 33% a year ago.
The Accenture study highlights a real growing awareness on cyber threats by companies, and the implementation of investment to better protect themselves. The race is now launched to tend to cyber resilience, between more and more organized attackers and more and more sophisticated defense system. See you at the end of the year to make an assessment of the forces involved.