The Disconnect Between Breaches and Solutions
-
The Disconnect Between Breaches and Solutions
Security executives are confident in their ability to protect their enterprise, even though the average company suffers two or three cyber-attacks a month. -
Vulnerable but Confident
75% of the security practitioners surveyed are confident that they can protect their organization from cyber-attacks, despite the fact that one-third of attacks resulted in security breaches during the past year. -
Ineffective Investments
44% to 54% of respondents would spend more money on the same efforts they're making now to combat breaches, even though those efforts are failing to prevent breaches. -
Look Inside
Survey respondents said internal breaches have the greatest impact, yet 58% prioritize increased capabilities and perimeter-based controls over high-impact internal threats. -
Makeshift Monitoring
Only 37% said they are confident in their ability to monitor breaches, and just 36% said the same about minimizing disruptions. -
Security Priorities
Protecting the company's reputation: 54%, Safeguarding company data: 47%, Protecting customer information: 44% -
Bottom-Line Impact
Only 28% of respondents would invest extra funds to mitigate against financial losses, and only 17% would invest in cyber-security training. -
A Job for Everyone
The survey respondents said that 98% of the breaches that were not detected by the security team were discovered by employees. So make security everyone's job. -
Training and Talent
In a separate survey, Accenture found that 42% of respondents said they have a sufficient budget for security technology, but they need more money for training and for re failing to prevent breaches. -
Engage With Top Leaders
Even though cyber-security is on company agendas, many CISOs feel locked out of the C-suite. They should navigate beyond their comfort zones and engage daily with leaders to discuss business issues at the core of cyber-security. -
Build on Business Needs
Organizations that tie cyber-security efforts to real business needs will gain confidence in their ability to deal with cyber-threats.
The average company suffers two or three security breaches a month, a new survey reveals, and yet a majority of security executives said they are confident in their ability to protect their enterprises from cyber-attacks. The report, "Building Confidence: Facing the Cyber-Security Conundrum," was conducted by Accenture and surveys approximately 2000 enterprise security practitioners in 15 countries, representing companies with annual revenues of $1 billion or more. The survey shows a disconnect between the respondents' perceptions of cyber-risks, the effectiveness of security efforts and the adequacy of their investments. "Our survey reveals that catching criminal behavior requires more than the best practices and perspectives of the past," said Kevin Richards, managing director, Accenture Security, North America. "There needs to be a fundamentally different approach to security protection, starting with identifying and prioritizing key company assets across the entire value chain. The need for organizations to take a comprehensive end-to-end approach to digital security—one that integrates cyber-defense deeply into the enterprise—has never been greater."