-optimized.jpg){kind=avatar}
In the past 12 months, roughly one in three targeted attacks resulted in an actual security breach, which equates to two to three effective attacks per month for the average company. Still, a majority of security executives (75 percent) surveyed are confident in their ability to protect their enterprises from cyberattacks.
That said, only slightly more than one-third (37percent) of respondents say they are confident in their ability to perform the essential activity of monitoring for breaches and only a similar number (36 percent) say the same about minimizing disruptions, according to the services firm Accenture.
In the report titled โBuilding Confidence: Facing the Cybersecurity Conundrum,” Accenture surveyed 2,000 enterprise security practitioners representing companies with annual revenues of $1 billion or more in 15 countries about their perceptions of cyber risks, the effectiveness of current security efforts and the adequacy of existing investments. The survey reveals that the length of time taken to detect these security breaches often compounds the problem, as more than half of executives (51 percent) disclose that it takes months to detect sophisticated breaches, and as many as a third of all successful breaches are not discovered at all by the security team.
Kevin Richards, managing director, Accenture Security, North America said: โCyberattacks are a constant operational reality across every industry today and our survey reveals that catching criminal behavior requires more than the best practices and perspectives of the past. There needs to be a fundamentally different approach to security protection starting with identifying and prioritizing key company assets across the entire value chain. It is also clear that the need for organizations to take a comprehensive end-to-end approach to digital security โ one that integrates cyber defense deeply into the enterprise โ has never been greater.โ
Visit: www.accenture.com/cybersecurityreport.
Meanwhile Accenture has completed its acquisition of Redcore, a privately-held Australia-based consulting company that specialises in identity and access management services (IAM), plus security services for cloud, network management, public key infrastructure, cyber defence, applications and the Internet of Things.
Comment
Richard Parris, CEO of British cybersecurity company, Intercede, said: “Accentureโs report that one-third of targeted attempts to breach corporationsโ cyber defences succeed is alarming, but more worrying is that 98 percent of breaches are reported by employees outside the security team. Itโs the security teamโs bread and butter to be able to identify and address cyber breaches as, and when, they happen – after the event is often too late as sensitive customer and company information has been leaked and shared online. Security professionals need to know who and what is trying to access their network and data in order to be able to defend against attack.
โUnfortunately too much time is still spent โmopping upโ after a breach in many businesses. With the continued reliance by many companies on insecure username and passwords to protect valuable data, it is an almost impossible task for the security team to keep track of who and what is accessing the network. But it doesnโt need to be this way โ there are infinitely more secure identity management solutions available that will enable the CISO to know that if employee โXโ is logging onto the network, that it is the real employee โXโ, and not an imposter.
โOne of the big challenges in the UK is for the Government to lead by example. There are very sophisticated approaches and technologies being used by other governments around the world to make sure only authorised individuals and machines can access highly sensitive data. Phillip Hammondโs announcement that an extra ยฃ1.9bn will be invested in Britainโs cybersecurity strategy is welcome news, but the Government now needs to ensure it puts its rhetoric into action and set the standard for cyber security in the UK.”
