While breaches continue to be a risk for organizations of all sizes, there is reason for optimism, according to Accenture’s 2018 State of Cyber Resilience report released on April 16.
Accenture Security surveyed 4,600 executives from large organizations around the world to gauge that state of cyber-security attacks and readiness and found that the volume of targeted attacks more than doubled in 2017 to 232 on average, up from 106 in Accenture’s 2017 report. On a positive note, organizations were able to block 87 percent of attacks, up from 70 percent in 2017.
“The most pleasant surprise was the upturn in performance across a number of measures, which resulted in better defense against attacks,” Ryan Lasalle, global managing director of Growth & Strategy at Accenture Security, told eWEEK. “This is the first time we have seen such measured improvement of organizations gaining ground on cyber-attackers.”
There are a number of areas where organizations have improved their cyber-resilience as they get better at detection, prevention and collaboration, Lasalle said.
“Investments and maturity across a range of 33 cyber-security capabilities have resulted in a 42 percent improvement, with the average organization now performing well in 19 cyber-security capabilities, compared with only 11 in 2017,” he said. “This is significant while recognizing there is still room for improvement.”
Along with the changes in cyber-security maturity have come changes in reporting structure and governance. Accenture found that two-thirds of CEOs and boards now have direct oversight over cyber-security. Lasalle said cyber-security budget authorization is also elevated, with CEOs and boards now approving 59 percent of funding requests, compared with only 33 percent in 2017.
In contrast, Accenture found that the CIO has less control over funding, with a drop in budget authorization to 29 percent in the new report versus 35 percent last year.
One area where organizations are not investing enough is in artificial intelligence (AI) and automation capabilities. According to Accenture, only two out of five companies are investing in machine learning, AI and automation to evolve their security programs.
“AI and machine learning can provide a reliable, consistent and automated way to monitor for unusual behavior and control the process of access provisioning,” Lasalle said. “They can scale the defenders and enable smarter automation to detect better and respond faster.”
While the 2018 Accenture study revealed gains in cyber-resilience, Lasalle said there is still work to be done. Many organizations still need to better identify their most valuable assets and harden them to attack, he said.
“We know that many of the assets and value of an enterprise live outside the IT estate, like control systems, and that represents a significant next horizon for defenders,” Lasalle said.
Lasalle also noted that conventional methods of testing resilience have some deficiencies. As such, Accenture recommends that organizations engage experienced “player-coaches” to use threat intelligence and advanced adversary simulation to bring a new level of realism to testing defenses.
“We also know that cyber-attackers are starting to use advanced technologies like machine learning to hone their attacks, but the same technologies can also be used, with others, to automate and orchestrate more intelligent defense,” he said. “The results also point to the need for more effective use of actionable threat intelligence to become more proactive in hunting down potential attackers to find them before they find you.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.