the state of cybersecurity and digital trust 2016
TRANSCRIPT
The State of Cybersecurity
and Digital Trust 2016
Identifying Cybersecurity Gaps
to Rethink State of the Art
2Copyright © 2016 Accenture All rights reserved.
Digital trust is….
• Not a technology, or a process.
• An outcome—secure,
trusted relationships and
engagement between the
enterprise and its employees,
partners and customers
• Influenced by how information
and data assets are secured
and leveraged.
• At the core of the brand.
The future of the digital enterprise depends
on its ability to foster a culture of security
that enables digital trust
Cyber Security
Digital Trust
Brand
3Copyright © 2016 Accenture All rights reserved.
Digital trust requires…
A holistic approach to cybersecurity that looks beyond technology and views security as more than a stand-alone business process
A leadership-driven cybersecurity culture
New modes of working—not incremental improvement.
A trusted enterprise, partners, technology tools and management support.
Robust cybersecurity is demanded by consumers
and a key ingredient in the creation of digital trust
2 in 3 respondents reported experiencing data theft or corruption from within their organizations.
4Copyright © 2016 Accenture All rights reserved.
The “state of the art” is evolving as digital technologies proliferate and
professional threat actors increase.
Many threats to data come from within.
More than half of respondents said digital initiatives are having a strong or critical impact on data security.
Digital transformation is having a major impact.
Half of respondents said organized teams of professionals and organized crime are the external threats of most concern.
External threats
are a rising concern
Business goals identified as most vulnerable to data security gaps:
43% Brand Reputation and 37% Customer support
Customer-facing initiatives require strong security.
State of Cyber Threats: Significant and Diverse
5Copyright © 2016 Accenture All rights reserved.
Technology
Rise of cyber threats vs.
ability to quickly leverage
new security technologies
Talent
Technical and operational
skills needed vs.
available talent
Parity
Cyber preparedness
vs. threats across
regions, verticals and
ecosystem partners
Management
Executive management
perception vs. security operations
perception of cybersecurity
Budget
Security funds required
vs. funds available
Five gaps undermining digital trust
Talent
Critical shortage of cybersecurity talent needs urgent action.
6Copyright © 2016 Accenture All rights reserved.
• 54% (70% within EMEA) indicate
their employees are underprepared
to prevent security breaches.
• 42% believe they need additional
budget for hiring security talent
and/or training.
• 31% list either lack of training or
staffing budget as their single biggest
inhibitor to cybersecurity provision.
• 76% of respondents believe
they need some level of
improvement in their ability to
conduct threat and vulnerability
assessments.
Opportunities:
• Acquire top talent.
• Develop talent through effective
training and testing.
• Establish business partnerships.
• Collaboration is critical.
• Firewalls and encryption top
the list of the most important
technologies deployed today
to combat cyber threats.
• The largest growth was anticipated
in emerging technologies to mitigate
advanced threats over the next
12-18 months:
– 33% increase on Cognitive/AI
– 31% Data Anonymization
– 25% Behavioral Tracking
– 21% Automation
7Copyright © 2016 Accenture All rights reserved.
Opportunities:
• Adopt a long-range strategy coupled
with a conceptualize-test-implement-
refine methodology.
• New budget and talent required:
address budget constraints for both
technology and talent.
• Reallocate resources as needed.
Technology
Today: commodity technologies, common skills, existing budget
Tomorrow: new technologies, new budget, new skills
• On average only 35-57% of
partners were reported to be
cyber vetted, placing most
enterprises at considerable risk.
• An anticipated 41-51%
improvement in vetting is a
good sign, but still leaves gaps.
• 25% indicate their Sales force
is either not very or only somewhat
secure. Cybersecurity differences
between operational units within
the enterprise continue to put
digital trust at risk.
8Copyright © 2016 Accenture All rights reserved.
Opportunities:
• Strengthen security partnerships with
all providers.
• Establish complete vetting of partners.
ParityDifferences in cyber integrity across the enterprise and its
partners continue to put digital trust at risk.
• 62% of respondents indicate
that the biggest inhibitor to their
organization’s security provision
is budget-related.
• 70% of respondents cite a lack of,
or inadequate, funding for either
cybersecurity technology or
security talent, including training.
• Funding shortfalls translate to less
advanced technology and
shortages of adequately trained
staff.
9Copyright © 2016 Accenture All rights reserved.
Opportunities:
• Budgets for cybersecurity are a
relatively new phenomenon. To
secure proper funding, tightly link or
embed cybersecurity to—or embed it
in—risk management and digital
functions to obtain optimal funding.
Budget
Security funding is under stress.
• 35% believe management doesn’t
concern themselves with security.
• 36% believe management considers
security an unnecessary cost.
• 43% cite a Culture of
Cybersecurity Awareness as very
or critically important to the overall
business of the enterprise.
10Copyright © 2016 Accenture All rights reserved.
Opportunities:
• Cybersecurity is everyone’s job.
Foster a culture of cybersecurity
awareness and corporate and
personal data responsibility and
security.
• Reframe the discussion from pure
security to enabling digital trust.
Management
Leadership plays a critical role in delivering digital trust for
the entire enterprise.
11Copyright © 2016 Accenture All rights reserved.
The future of the digital
enterprise relies upon
the ability of cybersecurity
professionals, working
in tandem with the
extended enterprise,
to create an environment
of digital trust where
business can flourish.
Five questions every enterprise
should be asking
1. Are we effectively allocating
budgets and resources?
2. Are we accurately measuring costs
and results of cybersecurity efforts?
3. Are we anticipating and leveraging
new technologies and processes?
4. Are we ensuring parity of protection
across the extended enterprise
ecosystem?
5. How can we best transform
cybersecurity to achieve a holistic
state-of-the-art approach to
leveraging data assets?
Driving toward “state-of-the-art” cybersecurity
Recommendations
Executive management must assume a visible, vocal, and engaged position on cybersecurity, driving a culture that fosters digital trust.
Cybersecurity talent must be acquired, trained and developed, leveraging holistic security practices and emerging technologies to better address cyberattacks.
Cybersecurity operations and executive management must collaborate to identify and close gaps between security requirements and execution ability.
Enterprise cybersecurity teams must establish innovation and testing capabilities to rapidly and cost-efficiently identify, vet, and test new and emerging technologies to keep pace with the evolution of cyber threats.
Shift how cybersecurity funding is viewed, moving away from treating costs as overhead to a holistic approach that includes the cost of securing data and allowing it to be used as part of overall business initiative financial requirements.
12Copyright © 2016 Accenture All rights reserved.
Copyright © 2016 Accenture. All rights reserved.
About the survey
Accenture and HfS Research surveyed more than 200 enterprise security professionals across multiple geographies and industries, seeking insights on organizations’ ability to protect data in their core enterprise systems, the many challenges to achieving this goal, how cybersecurity threats are perceived and managed, as well as greater understanding of what needs to be improved. The survey was fielded from March through May 2016.
Thank you
#CyberSecurity
@AccentureSecure.
www.accenture.com/cybersecurity2016
@HfS Research
www.hfsresearch.com