Cyber threats lurk behind every corner, in every industry and geography. From run-off-the-mill crooks to sophisticated state-sponsored actors, cybercriminals take every opportunity to exploit weaknesses for quick cash, to exfiltrate data, or to simply disrupt operations, depending on their goal.
Few organizations have all the tools, people and processes needed to fend off wave after wave of motivated attackers. But, according to one recent survey, these cyber-resilient entities exist, and they are a good example for decision makers everywhere to follow.
Based on a survey of more than 4,600 enterprise security practitioners around the globe, Accenture’s Third Annual State of Cyber Resilience study explores the extent to which organizations prioritize security and the efficiency of their efforts. This is called cyber-resilience in infosec circles, and it refers to an entity's ability to deliver the intended outcome despite adverse cyber events.
The poll included 4,644 executives from companies with annual revenues of at least $1 billion in 24 industries and 16 countries spread evenly around the globe. Notably, nearly all respondents were key decision-makers in their organization’s cybersecurity strategy and spending.
‘Leaders’ versus ‘non-leaders’
Despite investing more in advanced cybersecurity technologies over the past three years, only 17% of those surveyed are effectively stopping cyberattacks and finding and fixing breaches fast enough to lessen the impact, the study showed.
Surveyors applied detailed modeling of cybersecurity performance to identify these elite champions that “achieve significantly better results from their cybersecurity technology investments than other organizations.”
Leaders were characterized as among the highest performers in stopping more attacks, finding breaches sooner, fixing breaches faster and reducing breach impact. A second group, comprising 74% of the respondents, was identified as “non-leaders.” These organizations were average performers in terms of cyber resilience. However, as researchers are careful to point out, non-leaders in this survey were no laggards.
Key traits that make a cyber-resilience champion
Leaders were four times more likely than non-leaders to detect a breach in less than a day. When defenses fail, nearly all the leaders fixed breaches in 15 days or less, whereas 64% of non-leaders took 16 days or longer to remediate a breach, with nearly half of them taking more than a month.
The report identifies several more key differences in cybersecurity practices between leaders and non-leaders, including that leaders are nearly three times less likely to have had more than 500,000 customer records exposed through cyberattacks in the last 12 months (15% vs. 44%). Leaders were also more than three times as likely to provide users of security tools with required training for those tools (30% vs. 9%).
Don’t forget your supply chain
Supply chain attacks are not uncommon, especially in industries that rely heavily on service providers. For example, ransomware operators infected hundreds of medical practices in just two highly targeted attacks on their IT services providers last year. It is perhaps no surprise, then, that 83% of respondents believe organizations need to think beyond securing just their own enterprises and take better steps to secure their vendor ecosystems. According to Accenture’s figures, around 40% of breaches come through this route.
The U.S. National Security Agency recently published a report outlining the main classes of cloud vulnerabilities and the ways an organization can go about addressing them. The report identifies supply chain vulnerabilities as the most common, as they reside in source hardware and software from vendors and nations across the globe.
Accenture also makes a few recommendations for organizations looking to up their cyber-resilience game. Chief among them: prioritize technology that focuses on faster detection, response and remediation.