资源描述
Executive SummaryGAINING GROUND ON THE CYBER ATTACKER2018 State of Cyber ResilienceCLOSING THE GAP ON CYBER ATTACKS 3IMPROVING CYBER RESILIENCE 4TRANSFORMING SECURITY 6FIVE STEPS TO CYBER RESILIENCE 18SECURITY FROM THE INSIDE OUT 26CONTENT2018 State of Cyber Resilience Executive Summary2Organizations are gaining ground on the damaging impact of cyber attacksand proving that recent security investments are paying off. Despite the number of targeted cybersecurity attacks doubling, organizations are improving cyber resilience and showing they can perform better under greater pressure. But there is more work to be done. Now is the time to build on this momentum by drawing on investment capacity to fully realize the benefits of cyber resilience.Accenture research reveals the five steps that can help business leaders not only close the gap on cyber attackers, but also continue to transform and embed security into the fabric of their organizations within the next two to three years.CLOSING THE GAP ON CYBER AT TACKS3 2018 State of Cyber Resilience Executive SummaryImproving cyber resilienceIMPROVING CYBER RESILIENCEThe digital revolution continues to transform the way we work and live. This puts innovation and growth at the heart of the business agenda for CEOs and boards globally. To ensure lasting success, executives should transform their existing organizations while developing new digitally enabled opportunities at the same time. But, this can increase the attack surface and make their organizations more vulnerable to the threat of cyber attacks. An attack needs to be successful only once, whereas organizations cyber resilience needs to be effective every timeand it has significantly improved over the last year. Despite the increased pressure from attackswith ransomware attacks, for example, more than doubling last year1organizations are demonstrating far more success in heading them off. Only one in eight focused attacks (see page 5) are getting through in 2018, compared with the one in three that caused considerable disruption to organizations just over a year ago. And CISOsas well as the C-suite and the boardcan take much of the credit, as cybersecurity capabilities, ranked according to performance levels, have improved 42 percent since last year.Interestingly, the digital technologies that created market disruption and spawned the next wave of successful cyber attacks are also proving to be part of the solution to tackling cybersecurity. The research shows that 83 percent of survey respondents believe that breakthrough technologies, such as artificial intelligence (AI), machine or deep learning, user behavior analytics, and blockchain, are essential to securing the future of their organizations. Indeed, it is breakthrough technologies that will drive the next round of cyber resiliencealthough only two out of five business leaders are already investing in areas like machine learning/AI and automation. C-level executives and board directors should take heart; the analysis shows their growing support for cybersecurity in recent years is starting to pay dividends and, as a result, business leaders are gaining ground on cyber attackers. To continue to progress, C-level executives need to build on this momentum to fully realize the benefits of investments in cyber resilience. Indeed, the prospect of embedding cybersecurity into the fabric of the business could soon become a reality, especially for leaders who keep pace with change and continue to invest in breakthrough technologies.1 2017 Cost of Cyber Crime Study, Accenture and the Ponemon Institute.2018 State of Cyber Resilience Executive Summary4What is cyber resilience? The cyber-resilient business brings together the capabilities of cybersecurity, business continuity and enterprise resilience. It applies fluid security strategies to respond quickly to threats, so it can minimize the damage and continue to operate under attack. As a result, the cyber-resilient business can introduce innovative offerings and business models securely, strengthen customer trust, and grow with confidence.Targeted cyber attacksCyber attacks take many forms and have different degrees of impact. The average organization is subjected to a daily deluge of hundredsif not thousandsof speculative attacks, which are handled by mature security technologies, such as firewalls. For the purposes of this Accenture research, we investigated targeted cyber attacks which have the potential to both penetrate network defenses and cause damage to or extract high-value assets and processes from within the organization.About the researchIn 2017, Accenture Security surveyed 2,000 executives to understand the extent to which organizations prioritize security, how comprehensive their security plans are, what security capabilities they have, and their level of spend on security. Just over a year later, Accenture Security undertook a similar survey, this time interviewing 4,600 executives representing companies with annual revenues of US$1 billion or more from 19 industries and 15 countries across North and South America, Europe and Asia Pacific. More than 98 percent of respondents were sole or key decision makers in cybersecurity strategy and spending for their organization.Improving cyber resilience2018 State of Cyber Resilience Executive Summary5TRANSFORMING SECURITYThis comprehensive study, which aims to better understand the state of cyber resilience across key markets and geographies, sheds a positive light on the future. Cybersecurity faces much the same trajectory as digital before it. In the early days, digital technologies were alien to existing organizational cultures. Yet, as the C-suite and board became more familiar with the digital world, dedicated roles began to appear within the organization, digital became integral to the core business strategy and is now becoming embedded in the ethos and outcomes of the organization. Today, we are poised to do the same with cybersecurity. Transforming security6 2018 State of Cyber Resilience Executive Summary70% prevented87% prevented2017 2018Focused attacksSecurity breaches3210630232Figure 1Improved defense against focused attacksFive findings illustrate the current state of cyber resilience in 2018.Security teams have made great progressbut there is still more work to be done on the basicsPrevious cybersecurity reports have often cast a shadow of doubt on whether organizations are ever going to be one step ahead of their cyber attackers. Growing sophistication and the constant introduction of powerful, breakthrough technologies have meant that CISOs and their organizations senior executives, have felt they are swimming against the tideriding waves of increasing magnitude. But the 2018 study highlights positive progress for security teams across the world. With significant ransomware incidents like WannaCry in 2017, targeted attacks have more than doubled in the space of a year (232 on average in 2018 versus 106 in 2017). Yet, organizations have been able to raise their game and prevent 87 percent of them, compared with only 70 percent in 2017 (Figure 1). It shows that their efforts are paying off. Yet, since organizations, on average, are facing two to three security breaches per month, there is still room for improvement. 1Transforming security2018 State of Cyber Resilience Executive Summary7Despite the rising pressure of targeted cyber attackswith cyber criminals scaling their operations using more sophisticated business models like ransomware-as-a-service and DDoS-for-Hire2 and monetizing these efforts through cryptocurrenciessecurity teams continue to identify nearly two-thirds of all breach attempts on average. However, this masks a divergence in performance among organizations. The number of respondents in the top categoryable to identify between 76 percent and 100 percent of breach attemptshas more than doubled to 23 percent. At the same time, more organizations than last year (24 percent) fall into the lowest categoryable to detect less than half of all breach attemptscompared with 14 percent in 2017. So, while many organizations are performing well, some are clearly struggling with the increased pressure of attacks.Interestingly, the majority of security teams are getting more effective at finding breaches faster. It is taking less time to detect a security breach; from months and years to just days and weeks. Eighty-nine percent of respondents said that breaches are now being detected within one month compared with a corresponding detection rate of only 32 percent last time around. This year, 55 percent took one week or less to detect a breach compared with 10 percent last year (Figure 2). 201720181 month0%10%20%30%40%50%60%70%80%An additional 57% of security teams now detect breaches fasterFigure 2Improvements in the detection of security breachesTransforming security2 2017 Cyber Threatscape Report: Midyear Cybersecurity Risk Review Forecast and Remediations, Accenture Security2018 State of Cyber Resilience Executive Summary8Of course, security teams are not always the first to know about attacks. The insidious nature of cyber crime means that there are continually evolving ways to infiltrate an organization. But more collaboration is taking place for the attacks that security teams do not identify. When the survey asked how they learn about breaches undetected by the security team, 21 percent said from responsible members of the security communityup from 14 percent in 2017and 17 percent said externally, through a peer or competitor, up from just 1 percent previously. Such collaboration and threat information sharing is positive and needs to grow furthereven among competitors as there is safety in numbers when defending against cyber attacks.Being better at detection, prevention and collaboration is not all that executives can be proud ofthey have also realized an impressive 42 percent improvement in security capabilities. Based on a list of 33 capabilities, the survey asked respondents to rate their performance level at each one of those individually defined capabilities. On average, respondents are achieving high performance in 19 out of 33 capabilities in 2018 compared with 11 out of 33 capabilities in 2017. Almost doubling their high-performing capabilities in a year is an achievement, but a proficiency of 19 out of 33 means they are still some way from being truly robust (Figure 3).1 33201711 capabilities ratedhigh performing201819 capabilities ratedhigh performingFigure 3Cybersecurity capabilities rated high performingSuch collaboration is positive and needs to grow furthereven among competitorsas there is safety in numbers when defending against cyber attacks.Transforming security2018 State of Cyber Resilience Executive Summary9In terms of delivering the next wave of improvements, it is easy to focus exclusively on counteracting external attacks, but organizations should not neglect the enemy within. When looking at the incidents security teams fail to prevent, the top two attacks with the greatest impact are external attacks, such as hackers, and internal attacks, such as malicious insiders. Here, their similarities end. External attacks have seen a 9 percent increase in impact since 2017 (28 percent of breaches in 2018 versus 19 percent in 2017). Whereas the number of respondents ranking internal attacks as one of the areas of the greatest impact on their organization was almost half the number from last year (22 percent in 2018 versus 43 percent in 2017). But it is not only the impact of breaches that mattersthe relative number of such attacks is important, too. Internal incidents were more frequent for 33 percent of respondents, compared with 28 percent for external attacks. This serves as a timely reminder for organizations to protect themselves from the inside out against the equally damaging threats of internal and external attacks (Figure 4).0% 5% 10% 15% 20% 25% 30% 35% 40%0%5%10%15%20%25%30%35%40%Lost/stolen computerLost/stolen mediaLegacyinfrastructureGreatest ImpactMost FrequentConfiguration errorAccidentally published informationExternal attacksInternal attacksFigure 4Most damaging cyber attacks by frequency and impactTransforming security2018 State of Cyber Resilience Executive Summary10
展开阅读全文