the state of cybersecurity and digital trust 2016

The State of Cybersecurity

and Digital Trust 2016

Identifying Cybersecurity Gaps

to Rethink State of the Art

2Copyright © 2016 Accenture All rights reserved.

Digital trust is….

• Not a technology, or a process.

• An outcome—secure,

trusted relationships and

engagement between the

enterprise and its employees,

partners and customers

• Influenced by how information

and data assets are secured

and leveraged.

• At the core of the brand.

The future of the digital enterprise depends

on its ability to foster a culture of security

that enables digital trust

Cyber Security

Digital Trust

Brand


Digital trust requires…

A holistic approach to cybersecurity that looks beyond technology and views security as more than a stand-alone business process

A leadership-driven cybersecurity culture

New modes of working—not incremental improvement.

A trusted enterprise, partners, technology tools and management support.

Robust cybersecurity is demanded by consumers

and a key ingredient in the creation of digital trust

2 in 3 respondents reported experiencing data theft or corruption from within their organizations.


The “state of the art” is evolving as digital technologies proliferate and

professional threat actors increase.

Many threats to data come from within.

More than half of respondents said digital initiatives are having a strong or critical impact on data security.

Digital transformation is having a major impact.

Half of respondents said organized teams of professionals and organized crime are the external threats of most concern.

External threats

are a rising concern

Business goals identified as most vulnerable to data security gaps:

43% Brand Reputation and 37% Customer support

Customer-facing initiatives require strong security.

State of Cyber Threats: Significant and Diverse


Technology

Rise of cyber threats vs.

ability to quickly leverage

new security technologies

Talent

Technical and operational

skills needed vs.

available talent

Parity

Cyber preparedness

vs. threats across

regions, verticals and

ecosystem partners

Management

Executive management

perception vs. security operations

perception of cybersecurity

Budget

Security funds required

vs. funds available

Five gaps undermining digital trust

Talent

Critical shortage of cybersecurity talent needs urgent action.


• 54% (70% within EMEA) indicate

their employees are underprepared

to prevent security breaches.

• 42% believe they need additional

budget for hiring security talent

and/or training.

• 31% list either lack of training or

staffing budget as their single biggest

inhibitor to cybersecurity provision.

• 76% of respondents believe

they need some level of

improvement in their ability to

conduct threat and vulnerability

assessments.

Opportunities:

• Acquire top talent.

• Develop talent through effective

training and testing.

• Establish business partnerships.

• Collaboration is critical.

• Firewalls and encryption top

the list of the most important

technologies deployed today

to combat cyber threats.

• The largest growth was anticipated

in emerging technologies to mitigate

advanced threats over the next

12-18 months:

– 33% increase on Cognitive/AI

– 31% Data Anonymization

– 25% Behavioral Tracking

– 21% Automation


Opportunities:

• Adopt a long-range strategy coupled

with a conceptualize-test-implement-

refine methodology.

• New budget and talent required:

address budget constraints for both

technology and talent.

• Reallocate resources as needed.

Technology

Today: commodity technologies, common skills, existing budget

Tomorrow: new technologies, new budget, new skills

• On average only 35-57% of

partners were reported to be

cyber vetted, placing most

enterprises at considerable risk.

• An anticipated 41-51%

improvement in vetting is a

good sign, but still leaves gaps.

• 25% indicate their Sales force

is either not very or only somewhat

secure. Cybersecurity differences

between operational units within

the enterprise continue to put

digital trust at risk.


Opportunities:

• Strengthen security partnerships with

all providers.

• Establish complete vetting of partners.

ParityDifferences in cyber integrity across the enterprise and its

partners continue to put digital trust at risk.

• 62% of respondents indicate

that the biggest inhibitor to their

organization’s security provision

is budget-related.

• 70% of respondents cite a lack of,

or inadequate, funding for either

cybersecurity technology or

security talent, including training.

• Funding shortfalls translate to less

advanced technology and

shortages of adequately trained

staff.


Opportunities:

• Budgets for cybersecurity are a

relatively new phenomenon. To

secure proper funding, tightly link or

embed cybersecurity to—or embed it

in—risk management and digital

functions to obtain optimal funding.

Budget

Security funding is under stress.

• 35% believe management doesn’t

concern themselves with security.

• 36% believe management considers

security an unnecessary cost.

• 43% cite a Culture of

Cybersecurity Awareness as very

or critically important to the overall

business of the enterprise.


Opportunities:

• Cybersecurity is everyone’s job.

Foster a culture of cybersecurity

awareness and corporate and

personal data responsibility and

security.

• Reframe the discussion from pure

security to enabling digital trust.

Management

Leadership plays a critical role in delivering digital trust for

the entire enterprise.


The future of the digital

enterprise relies upon

the ability of cybersecurity

professionals, working

in tandem with the

extended enterprise,

to create an environment

of digital trust where

business can flourish.

Five questions every enterprise

should be asking

1. Are we effectively allocating

budgets and resources?

2. Are we accurately measuring costs

and results of cybersecurity efforts?

3. Are we anticipating and leveraging

new technologies and processes?

4. Are we ensuring parity of protection

across the extended enterprise

ecosystem?

5. How can we best transform

cybersecurity to achieve a holistic

state-of-the-art approach to

leveraging data assets?

Driving toward “state-of-the-art” cybersecurity

Recommendations

Executive management must assume a visible, vocal, and engaged position on cybersecurity, driving a culture that fosters digital trust.

Cybersecurity talent must be acquired, trained and developed, leveraging holistic security practices and emerging technologies to better address cyberattacks.

Cybersecurity operations and executive management must collaborate to identify and close gaps between security requirements and execution ability.

Enterprise cybersecurity teams must establish innovation and testing capabilities to rapidly and cost-efficiently identify, vet, and test new and emerging technologies to keep pace with the evolution of cyber threats.

Shift how cybersecurity funding is viewed, moving away from treating costs as overhead to a holistic approach that includes the cost of securing data and allowing it to be used as part of overall business initiative financial requirements.


Copyright © 2016 Accenture. All rights reserved.

About the survey

Accenture and HfS Research surveyed more than 200 enterprise security professionals across multiple geographies and industries, seeking insights on organizations’ ability to protect data in their core enterprise systems, the many challenges to achieving this goal, how cybersecurity threats are perceived and managed, as well as greater understanding of what needs to be improved. The survey was fielded from March through May 2016.

Thank you

#CyberSecurity

@AccentureSecure.

www.accenture.com/cybersecurity2016

@HfS Research

www.hfsresearch.com

http://www.twitter.com/AccentureSecure

http://www.accenture.com/cybersecurity2016

https://twitter.com/hfsresearch

http://www.hfsresearch.com/