accenture

New Accenture Study Finds 87 Percent of Focused Cyberattacks are Prevented

Study Finds 87 Percent of Focused Cyberattacks are Prevented

Yet, organizations still experience 30 cyber breaches per year, signaling need for more investment in innovative technologies to further improve cyber resilience

NEW YORK; April 16, 2018 – With ransomware and distributed denial of service (DDoS) attacks on the rise, the average number of focused cyberattacks per organization has more than doubled this year compared to the previous 12 months (232 through January 2018 versus 106 through January 2017). In the face of these growing cyber threats, organizations are demonstrating far more success in detecting and blocking them, according to a new study from Accenture (NYSE: ACN).

Yet, despite making significant progress, only two out of five organizations are currently investing in breakthrough technologies like machine learning, artificial intelligence (AI) and automation, indicating there is even more ground to be gained by increasing investment in cyber resilient innovations and solutions.

The study was conducted from January to mid-March 2018 and investigated focused attacks defined as having the potential to both penetrate network defenses and cause damage, or extract high-value assets and processes from within organizations. Despite the increased pressure of ransomware attacks, which more than doubled in frequency last year, the study found organizations are upping their game and now preventing 87 percent of all focused attacks compared to 70 percent in 2017. However, with 13 percent of focused attacks penetrating defenses, organizations are still facing an average of 30 successful security breaches per year which cause damage or result in the loss of high-value assets.

“Only one in eight focused cyberattacks are getting through versus one in three last year, indicating that organizations are doing a better job of preventing data from being hacked, stolen or leaked,” said Kelly Bissell, managing director of Accenture Security. “While the findings of this study demonstrate that organizations are performing better at mitigating the impact of cyberattacks, they still have more work to do. Building investment capacity for wise security investments must be a priority for those organizations who want to close the gap on successful attacks even further. For business leaders who continue to invest in and embrace new technologies, reaching a sustainable level of cyber resilience could become a reality for many organizations in the next two to three years. That’s an encouraging projection.”

Security Teams Find Breaches Faster

It’s also taking less time to detect a security breach; from months and years to now days and weeks. On average, 89 percent of respondents said their internal security teams detected breaches within one month compared to only 32 percent of teams last year. This year, 55 percent of organizations took one week or less to detect a breach compared to 10 percent last year.

Although companies are detecting breaches faster, security teams are still only finding 64 percent of them, which is similar to last year, and they’re collaborating with others outside their organizations to find the remaining breaches. This underscores the importance of collaborative efforts among business and government sectors to stop cyberattacks. When asked how they learn about attacks that the security team has been unable to detect, respondents indicated that more than one-third (38 percent) are found by white-hat hackers or through a peer or competitor (up from 15 percent, comparatively, in 2017). Interestingly, only 15 percent of undetected breaches are found through law enforcement, which is down from 32 percent the previous year.

Addressing Cybersecurity from the Inside Out

On average, respondents said only two-thirds (67 percent) of their organization is actively protected by their cybersecurity program. And, while external incidents continue to pose a serious threat, the survey reveals that organizations should not forget about the enemy from within. Two of the top three cyberattacks with the highest frequency and greatest impact are internal attacks and accidentally published information.When asked which capabilities were most needed to fill gaps in their cybersecurity solutions, the top two responses were cyber threat analytics and security monitoring (46 percent each). Organizations realize the benefits derived from investing in emerging technologies. A large majority of respondents (83 percent) agree that new technologies such as artificial intelligence, machine or deep learning, user behavior analytics, and blockchain are essential to securing the future of organizations.Five steps organizations can take to achieve cyber resilience include:

  1. Build a strong foundation. Identify high value assets and harden them. Ensure controls are deployed across the organizational value chain, not just the corporate function.
  2. Pressure test resilience like an attacker. Enhance red defense and blue defense teams with player-coaches that move between them and provide analysis on where improvements need to be made.
  3. Employ breakthrough technologies. Free up investment capacity to invest in technologies that can automate your defenses. Utilize automated orchestration capabilities and advanced behavioral analytics.
  4. Be proactive and use threat hunting. Develop strategic and tactical threat intelligence tailored to your environment to identify potential risks. Monitor for anomalous activity at the most likely points of attack.
  5. Evolve the role of CISO. Develop the next generation CISO — steeped in the business and balancing security based on business risk tolerance.

For the 2018 State of Cyber Resilience study, Accenture surveyed 4,600 enterprise security practitioners representing companies with annual revenues of $1 billion or more in 15 countries. The purpose of the study is to understand the extent to which companies prioritize security, the effectiveness of current security efforts and the adequacy of existing investments. More than 98 percent of respondents were sole or key decision-makers in cybersecurity strategy and spending for their organization. For the purposes of this research, a cyber resilient business applies fluid security strategies to respond quickly to threats, to minimize damage and continue to operate under attack. It can therefore introduce innovative offerings and business models securely, strengthen customer trust, and grow with confidence.

About Accenture

Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions – underpinned by the world’s largest delivery network – Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With approximately 442,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.

Accenture Security helps organizations build resilience from the inside out, so they can confidently focus on innovation and growth. Leveraging its global network of cybersecurity labs, deep industry understanding across client value chains and services that span the security lifecycle, Accenture protects organizations’ valuable assets, end-to-end. With services that include strategy and risk management, cyber defense, digital identity, application security and managed security, Accenture enables businesses around the world to defend against known sophisticated threats, and the unknown. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.

CloudBuzz

The latest in curated technology related news collected from many of the leading news distribution, industry research and technology vendor firms on the planet.

Here you will find recent news sources from companies such as Reuters, Marketwired, IDC, Gartner or directly from cloud vendors such as Google, Microsoft or Amazon.

5 Reasons to Head for the Cloud – Part 1

5 Reasons to Head for the Cloud – Part 1

Head for the Cloud Last month Salesforce held its 14th annual Dreamforce event in San Francisco. It has become the ...
Global Public Cloud Spending To Double By 2020

Global Public Cloud Spending To Double By 2020

The Cloud and Endpoint Modeling The worldwide migration of IT resources to the public cloud continues, at a head-spinning pace ...
Combatting Malware in the Cloud Requires a New Way of Thinking

Combatting Malware in the Cloud Requires a New Way of Thinking

Malware in the Cloud It’s no secret that cloud adoption has exploded in the enterprise over last few years. However, ...
Four Trends Driving Demand For Data Security In 2017

Four Trends Driving Demand For Data Security In 2017

Data Security Trends 2017 will be a hallmark year for security in the enterprise as all industries have reached a ...
The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the ...
Bryan Doerr

Can You Afford the Risk of Not Going to the Cloud?

Risk of Not Going to the Cloud If you’re considering a migration to a public cloud environment, you’re most likely ...
The Fraud Management Solutions Market Will Exceed $10 Billion By 2023

The Fraud Management Solutions Market Will Exceed $10 Billion By 2023

Estimates of the cost of fraud vary widely, but almost everyone agrees that the cost is huge and appears to be increasing. Looking just at eCommerce, Forrester predicts that US and Western European eCommerce fraud ...
Amazon, MLB add machine-learned stats to cloud deal

Amazon, MLB add machine-learned stats to cloud deal

SAN FRANCISCO (Reuters) - Amazon.com Inc will provide a new set of real-time statistics and graphics on live baseball games later this season, expanding its cloud computing deal with U.S. Major League Baseball, the two ...
Worldwide Spending on Blockchain Forecast to Reach $11.7 Billion in 2022, According to New IDC Spending Guide

Worldwide Spending on Blockchain Forecast to Reach $11.7 Billion in 2022, According to New IDC Spending Guide

FRAMINGHAM, Mass., July 19, 2018 – Worldwide spending on blockchain solutions is forecast to reach $11.7 billion in 2022, according to a new update to the Worldwide Semiannual Blockchain Spending Guide from International Data Corporation (IDC). IDC expects ...