SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Accenture - a collective security approach a driving factor for cyber resilience
Thu, 26th May 2022
FYI, this story is more than a year old

As the world continues to change, so does the way we adapt to cybersecurity. It is now even more imperative to start discussing the impact of cybersecurity on business operations as we move forward, as new threats begin to appear.

An increased presence of ever-evolving threats has led to a significant change in attitudes towards cybersecurity, and a new extension to Accenture's "State of Cybersecurity Resilience 2021" report proves why CEOs need to take immediate action to protect their businesses.

The original report showed that attacks were up, and companies knew they needed to make changes. There were, on average, 270 attacks per company over the year, which was a 31% increase over 2020.

Third-party risk also continued to be a dominant force, with the number of successful breaches to an organisation through the supply chain increasing from 44% to 61%.

Accenture also identified four levels of cyber resilience, giving businesses an indication of which category they fell into:

Business Blockers, who prioritise cyber resilience over business strategy.

The Vulnerable, who exercise lack of care and minimal security.

Cyber Risk Takers, who power ahead and accept high cyber risk to align with business strategy.

Cyber Champions, who expertly balance cyber resilience and business objectives.

The point was clear that enterprises should strive to be Cyber Champions, as this group experienced significantly lower attacks and breaches as seen in the percentage points, being 8% lower than Business Blockers and 36% lower than Cyber Risk Takers.

With this in mind, the new add-on by Accenture, "Elevating the Cybersecurity Discussion", highlights that while companies should aspire to achieve cyber resilience, there are often fundamental issues and barriers that prevent them from reaching their full potential.

Research from the company shows that nearly half of CEOs/CFOs surveyed say siloed responsibilities (49%) and unclear accountability (51%) are barriers to realising their cybersecurity objectives.

The report goes on to say that CEOs need to lead the change in how cybersecurity is viewed, planned and executed, and Accenture's point of view identifies three considerations:

Security is everyone's responsibility: Solving the collective cybersecurity challenge requires a broader, more inclusive approach. An effective business cybersecurity strategy must be shaped jointly by the CEO, CISO, board and business leaders.

Cybersecurity practices should align with the business strategy: The research shows that in most cases, more investment doesn't automatically mean less cyber risk. Security now accounts for 15% of all IT spending, higher than reported in 2020. As a result, companies need to invest smartly and align cybersecurity practices across all aspects of their business.

Be a cyber-savvy CEO: A CEO with a relaxed attitude to cyber risk will always face problems. Strong leadership relies on good communication, and it is the CEO's job to make sure they have a handle on all cyber-related security issues.

Cybersecurity has become even more of a business imperative as the physical and digital worlds slowly become more connected. It's clear that an aligned, managed, and collaborative security approach is the key to helping a business navigate these challenging times.

Let Accenture help you address cyber risk, enhance your security investments and inspire a culture change that bakes in cyber resilience across the business. Read the point of view here.