Four security best practices from cybersecurity leaders

17 February 2020 Consultancy.eu

The world is becoming increasingly online and digital, and as a result, the threats of cyber-attacks continue to rise. According to an estimate by the Center for Strategic and International Studies and internet security giant McAfee, cybercrime now costs the world almost a staggering $600 billion in annual damages. 

Fending off cyber-attacks has become a top priority for companies, not just the CIOs and their IT-department, but also for the CEO and all business areas sitting on commercially valuable, or personal data. A new report by Accenture has found that on average, eight out of ten (83%) companies are not effective enough in the way how they safeguard their IT frontiers. 

The remaining 17% of front-running companies, dubbed ‘cybersecurity leaders’, are to the contrary significantly more successful in achieving high-performing cyber resilience. So where are they winning the online battle? Four best practices stand out: they stop more attacks, find breaches faster, fix breaches faster, and are better able to reduce breach impact.

Stop more attacks

Cybersecurity leaders seem able to identify a higher number of direct attacks against them – an average of 239 cyber-attacks per year compared with 166 for non-leaders – while having a much higher success rate in defending against them. These organisations see only nine security breaches per year compared with an average of 22 per year for non-leaders.

Average number of security breaches and targeted cyberattacks for leaders and non-leaders

The reduced number of security breaches compared with the total number of cyberattacks means leaders have nearly a fourfold advantage when dealing with security breaches. When attempting to reduce the number of security breaches, leaders say they benefit most from using the following three cybersecurity technologies: Next-Generation Firewall (NGF), Security Orchestration Automation and Response (SOAR), and Privileged Access Management (PAM).

Find breaches faster

Time is critical when it comes to detecting a security breach, and leaders have distinct advantages, with 88 percent able to detect a security breach in less than one day on average. The remaining 12 percent said they were able to detect security breaches in seven days or less. Only 22 percent of non-leaders can detect security breaches with similar speed, while most (78 percent) take up to seven days or more.

Average time to detect a security breach

When attempting to find security breaches faster, leaders say they benefit most from using the following three cybersecurity technologies: Artificial Intelligence (AI), Security Orchestration Automation and Response (SOAR) and Next-Generation Firewall (NGF).

Fix breaches faster

Maintaining business continuity and rapid recovery speeds are other important aspects of cybersecurity resilience where leaders have clear advantages. 96 percent of them plug security breaches in 15 days or less on average. This majority response compares with only 36 percent of non-leaders able to remediate security breaches in the same amount of time. This means 64 percent take 16 to 30 days or more to remediate a security breach, on average.

Average time taken to remediate a security breach

Leaders, when finding security breaches faster, say they benefit most from using the following three cybersecurity technologies: Security Orchestration Automation and Response (SOAR), Artificial Intelligence (AI) and NextGeneration Firewall (NGF). 

Reduce breach impact

Speed of recovery is essential in minimising the damage of a security breach and the level of impact on the organisation is another important performance factor. Leaders stated that 83 percent of all security breaches resulted in either no impact or a minor impact. And when you look at the remaining security breaches, 10 percent are moderate impact and 6 percent are significant.

Security breaches by level of impact

In terms of timing, this translates to a moderate security breach every 13 months, on average, and a significant breach every 22 months or so on average. In comparison, non-leaders have lower levels of performance, with 50 percent of security breaches delivering a moderate or significant impact. 

When trying to limit the impact of security breaches, leaders say they benefit most from using the following three cybersecurity technologies: Artificial Intelligence (AI), NextGeneration Firewall (NGF) and Security Orchestration Automation and Response (SOAR).

More on: Accenture
Europe
Company profile
Accenture is not a Europe partner of Consultancy.org
Partnership information »
Partnership information

Consultancy.org works with three partnership levels: Local, Regional and Global.

Accenture is a Local partner of Consultancy.org in Middle East, Africa, South Africa, Netherlands and Canada.

Upgrade or more information? Get in touch with our team for details.