IT IS A VERY SPECIAL POST I AM WRITING FOR YOU.
Here are some insights I gained when I was studying 'State Of Cybersecurity Report 2020' by Accenture.
This report is about the CYBER RESILIENCY of companies. It begins by stating that-
At first glance, the basics of cybersecurity are improving and cyber resilience is on the rise. Latest research shows that most organizations are getting better at preventing direct cyberattacks. But in the shape-shifting world of cybersecurity, attackers have already moved on to indirect targets, such as vendors and other third parties in the supply chain. It is a situation that creates new battlegrounds even before they have mastered the fight in their own back yard.
This report has identified two distinct groups:
-
The first an elite group—17 percent—that achieve significantly higher levels of performance compared to the rest. These organizations set the bar for innovation and achieve high-performing cyber resilience.
-
The second is the group forming the vast majority of the sample—74 percent—who are average performers, BUT far from being laggards in cyber resilience. This second group has lessons to learn from the leaders while leaders, too, have further room for improvement.
WHAT IS CYBER RESILIENCE?
The cyber-resilient businesses/companies bring together the capabilities of cybersecurity, business continuity and enterprise resilience. They apply fluid security strategies to respond quickly to threats, so they can minimize the damage and continue to operate under attack. As a result, the cyber-resilient companies can introduce innovative offerings and business models securely, strengthen customer trust, and grow with confidence.
5-Key pointers observed were:
-
40% of Leaders were spending more than twenty percent of their IT budget on advanced cybersecurity technologies.
-
Direct attacks are down 11 percent over the last year and security breaches are down by 27 percent, overall.
-
Indirect attacks against weak links in the supply chain now account for 40 percent of security breaches, overall.
-
Most of them said that staying ahead of attackers is a constant battle and the cost is unsustainable.
-
Failures lead to gaps in protection, lower detection rates, longer business impact and more customer data loss. And, their Security investments are failing…
-
I wish to point out to you--
What Are Leaders Doing Differently?
1.Leaders are stopping more attacks.
Leaders are 4-times more successful in stopping the targeted attacks, as only 1 out of 27 targeted attacks was able to breach their security. In contrast, non-leaders are finding that 1 out of 8 targeted attacks was able to breach their security.
When attempting to reduce the number of security breaches, leaders say they benefit most from using the following three cybersecurity technologies: Next-Generation Firewall (NGF); Security Orchestration Automation and Response (SOAR) and Privileged Access Management (PAM).
2. Leaders are finding breaches faster.
88% of leaders were able to detect the breach in less than one day, whereas only 22% of non-leaders were able to do so in less than one day.
When attempting to find security breaches faster, leaders say they benefit most from using the following three cybersecurity technologies: Artificial Intelligence (AI), Security Orchestration Automation and Response (SOAR) and Next-Generation Firewall (NGF). Please notice the AI here clearly!
3. Leaders are fixing breaches faster.
96% of leaders were successful in fixing the breach in 15 days or less, whereas only 36% of non-leaders were able to do so in 15 days or less.
The same set of technologies was giving leaders a clear distinct advantage in fixing the breaches too!
4. Leaders are containing the impact of breaches better.
58% of breaches on leaders made virtual no impact on them. But this figure was only 24% for non-leaders. It means that 76% made impact on them. Actually 50% out of these 76% breaches made moderate to significant impact on the non-leaders.
The same set of technologies made their mark here also…
Very interesting role is played by these technologies:
NGFW - They were really instrumental when it comes to reducing the number of successful attacks.
SOAR - These were really instrumental when it came to detecting the incident more precisely, reducing the inherent risk, shrinking the attack-surface, and reducing the cost overall.
AI - Artificial Intelligence was really instrumental when it came to reducing the impact of the breaches and delivering the consistent quality of the 'response'. AI made significant contribution to effective operations of SOAR technologies too.
Guys, you will be mistaken BADLY if you imagine that the above technologies made all the difference. Because these didn't. There was something bigger at play.
The top three measures of cybersecurity success for leaders emphasize speed. We found that leaders prize:
-
how quickly they can detect a security breach,
-
how quickly they can mobilize their response and
-
how quickly they can get operations back to normal.
Beyond these priorities, leaders also measure the success of their resiliency—how many systems were stopped and for how long—and precision—improving the accuracy of finding cyber incidents.
Leaders also trained their manpower MORE and trained BETTER.
They also collaborated more.
What do you think of this post and matter raised here?
Kindly place your comments.
This Article Was Written & published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.
Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...
She is so obsessed with Cybersecurity domain that she is going out of her way and sharing hugely valuable posts and writings about Cybersecurity on website, and social media platforms.
34,000+ professionals are following her on Facebook and mesmerized by the quality of content of her posts on Facebook.
If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then you can follow her on Facebook:
Click Here to follow her: Cybersecurity PRISM