Only two out of five organisations are investing in technologies like machine learning (ML), artificial intelligence (AI) and automation, indicating the need to increase investment in cyber-resilient innovations and solutions.
Accenture surveyed 4,600 enterprise security practitioners representing companies with annual revenues of $1 billion or more in 15 countries for the 2018 State of Cyber Resilience study. It was conducted from January to mid-March 2018.
The purpose of the study is to understand the extent to which companies prioritise security, the effectiveness of current security efforts and the adequacy of existing investments.
The study revealed that the average number of focused cyberattacks per organisation has more than doubled this year, compared to the previous one year. There were 232 cyber attacks through January 2018, against 106 through January 2017.
The study added that organisations are demonstrating far more success in detecting and blocking them, but they still have more work to do.
It found that organisations are upping their game and now preventing 87% of all focused attacks, compared with 70% in 2017. However, with 13% of focused attacks penetrating defences, organisations are still facing an average of 30 successful security breaches per year, which cause damage or result in the loss of high-value assets.
“Only one in eight focused cyber attacks are getting through compared to one in three last year, indicating that organisations are doing a better job of preventing data from being hacked, stolen or leaked," said Kelly Bissell, Managing Director of Accenture Security, adding that building investment capacity for wise security investments must be a priority for those organisations, which want to close the gap on successful attacks even further.
Cybersecurity programme
On average, respondents said that only two-thirds (67%) of their organisation is actively protected by their cybersecurity programme. While external incidents continue to pose a serious threat, the survey reveals that organisations should not forget about the enemy from within.
Two of the top three cyber attacks with the highest frequency and greatest impact are internal attacks and accidentally published information.
The study also pointed out the need to build a strong foundation to identify high-value assets and harden them and to employ breakthrough technologies. It also stressed the need to enhance red defence and blue defence teams with player-coaches that move between them and provide analysis on where improvements need to be made.
