SlideShare uma empresa Scribd logo

Continuous Cyber Attacks - Report Summary

Accenture Technology
Accenture Technology

Cyber-attacks can rapidly derail an enterprise’s ability to create value, and their frequency, reach and levels of sophistication continue to grow. While no organization can defend itself from all cyber-attacks the following three approaches can help bring risk to a manageable level.

Tecnologia
1 de 4
Baixar para ler offline
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal Executive Summary
22 Cyber-attacks can rapidly derail an enterprise’s ability to create value, and their frequency, reach and levels of sophistication continue to grow. Leaders unfamiliar with the complexities of cyber defense may fail to recognize the gaps that exist in their digital security strategies. It’s easy to do: regulators and other government bodies compel companies to focus on compliance with specific regulations, drowning out other voices that support dynamic cyber risk management approaches. However, organizations have learned that passing compliance assessments does not equal data security. Likewise, a strategy focused on acquiring the latest security products and add-on applications can quickly drain a security budget, while not appreciably improving the organization’s defensive posture. While no organization can defend itself from all cyber-attacks the following three approaches can help bring risk to a manageable level: Actively engage to make the business a better security “customer” Strengthen the partnership between the business and security Continuously exercise organizational defenses 1 2 3
3 Actively engage to make the business a better security “customer” A solid cyber defense requires that partnerships are formed among an organization’s business stakeholders, its risk management office and the security team—a relationship that asks every employee to be responsible for security. The detection and elimination of cyber threats drops precipitously if the business stakeholders fail to cooperate fully with the security team. Some typical challenges include: • Security lacks sufficient top management access: Most companies recognize that digital security is an important agenda item, but in many cases, the Chief Information Security Officer (CISO) does not have top-level access. • The front lines remain unengaged in security issues: Often, employees do not care enough about security to change their behavior. Articulating the importance of security and doing it in an engaging manner starts at the top. • Ambiguity regarding who “owns” the systems under attack: Business teams are agile and entrepreneurial, creating new applications and data stores to meet customer demands. Once an attack happens, the security team needs to know who “owns” the compromised system or actions will be impeded and reduce the effectiveness of the response. Strengthen the partnership between the business and security Leaders can align the business side’s commercial needs and the security team’s cyber defense requirements by forging an effective business and security partnership. Four elements of such a partnership are: • Keep security on the agenda: If organizations can operate under a concept called ‘presumption of breach,’ acknowledging that a hacker will get into their networks, their perspective and alignment on the right security strategy can become laser focused. • Recognize the complexity of the challenge: Organizations need to understand the complexity of the systems they are defending and determine where to “set the bar” regarding loss tolerance. Part of the challenge is recognizing the complexity of roles; the organization has revenue goals and other business targets, and the security team has its own set of objectives. • Work together to identify the organization’s critical data: It often seems overwhelming to organizations since all risk can’t be mitigated—however it can become very manageable when an organization is able to pinpoint their most consequential risk in the relevant networks and provide them the greatest level of protection. • Evolve the organizational culture to attract and retain top-tier security talent: The best companies tend to think proactively about talent pools; this involves working with universities to develop key cyber defense recruits and looking for expertise outside of normal channels. Continuously exercise organizational defenses Business leaders should also focus on developing organizational defenses in the following ways: • Relentlessly test defenses: Organizations leading the way in cyber defense train with a third-party “sparring partner” imbued with all of the skills and technologies (but none of the malice) that attackers bring to bear. Similar to a boxer, someone who trains exclusively with a static punching bag won’t stand a chance against a real opponent. Likewise, an enterprise focused totally on conventional static defenses will quickly fall prey to today’s increasingly aggressive digital attackers. • Hunt inside the organization’s defenses: Assume that security is compromised and constantly look for intruders across the entire environment. • Improve response effectiveness: As the organization spars with an elite security assessment team, going through the same tactics as the attacker would use, over time they develop ‘muscle memory.’ Organizations that spar repetitively and consistently work more effectively to minimize an event’s impact. The intensity and seriousness of current digital attacks make cybercrimes uniquely dangerous for businesses. In this confusing new environment, many leaders wonder what they can do to make their companies more resilient. Once an enterprise takes the pulse of its cyber defense strengths and weaknesses, they should develop 100-day and 365 day plans to build the momentum needed to realize their cyber defense goals. 2 3 1
Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Copyright © 2015 Accenture All rights reserved. Contributors Bill Phelps Managing Director, Global Security Services bill.phelps@accenture.com Twitter: @waphelps Ryan LaSalle Managing Director, Security Growth & Strategy Lead ryan.m.lasalle@accenture.com Twitter: @labsguy Kevin Richards Managing Director, North America Security Practice k.richards@accenture.com Twitter: @kevin_richards Matt Devost Co-founder and CEO of FusionX matt.devost@accenture.com Twitter: @MattDevost Steve Culp Senior Managing Director, Accenture Finance & Risk Services steven.r.culp@accenture.com Twitter: @steve_culp David Smith Senior Managing Director, Talent & Organization david.y.smith@accenture.com DISCLAIMER: This document is intended for general informational purposes only and does not take into account the reader’s specific circumstances, and may not reflect the most current developments. Accenture disclaims, to the fullest extent permitted by applicable law, any and all liability for the accuracy and completeness of the information in this document and for any acts or omissions made based on such information. Accenture does not provide legal, regulatory, audit, or tax advice. Readers are responsible for obtaining such advice from their own legal counsel or other licensed professionals. Rights to trademarks referenced herein, other than Accenture trademarks, belong to their respective owners. We disclaim proprietary interest in the marks and names of others. About Accenture Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions—underpinned by the world’s largest delivery network—Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 358,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.

Recomendados

Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Accenture Technology
 
Technology Vision 2016 - Infographic
Technology Vision 2016 - InfographicTechnology Vision 2016 - Infographic
Technology Vision 2016 - Infographic
Accenture Technology
 
Gender Pay Parity Prototype for the 'Gig' Economy - Accenture Labs
Gender Pay Parity Prototype for the 'Gig' Economy - Accenture LabsGender Pay Parity Prototype for the 'Gig' Economy - Accenture Labs
Gender Pay Parity Prototype for the 'Gig' Economy - Accenture Labs
Accenture Technology
 
Change Management
Change ManagementChange Management
Change Management
Accenture Technology
 
Use Application Portfolio Optimization to accelerate IT value
Use Application Portfolio Optimization to accelerate IT valueUse Application Portfolio Optimization to accelerate IT value
Use Application Portfolio Optimization to accelerate IT value
accenture
 
Going Deep: Mining Experiential and Behavioral Data in VR
Going Deep: Mining Experiential and Behavioral Data in VRGoing Deep: Mining Experiential and Behavioral Data in VR
Going Deep: Mining Experiential and Behavioral Data in VR
Accenture Technology
 
Building Digital Trust : The role of data ethics in the digital age
Building Digital Trust : The role of data ethics in the digital ageBuilding Digital Trust : The role of data ethics in the digital age
Building Digital Trust : The role of data ethics in the digital age
Accenture Technology
 
Accenture Technology Vision for Workday 2016:People First: The primacy of pe...
Accenture Technology Vision for Workday 2016:People First: The primacy of pe...Accenture Technology Vision for Workday 2016:People First: The primacy of pe...
Accenture Technology Vision for Workday 2016:People First: The primacy of pe...
Accenture Technology
 

Recomendados

Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Accenture Technology
 
Technology Vision 2016 - Infographic
Technology Vision 2016 - InfographicTechnology Vision 2016 - Infographic
Technology Vision 2016 - Infographic
Accenture Technology
 
Gender Pay Parity Prototype for the 'Gig' Economy - Accenture Labs
Gender Pay Parity Prototype for the 'Gig' Economy - Accenture LabsGender Pay Parity Prototype for the 'Gig' Economy - Accenture Labs
Gender Pay Parity Prototype for the 'Gig' Economy - Accenture Labs
Accenture Technology
 
Change Management
Change ManagementChange Management
Change Management
Accenture Technology
 
Use Application Portfolio Optimization to accelerate IT value
Use Application Portfolio Optimization to accelerate IT valueUse Application Portfolio Optimization to accelerate IT value
Use Application Portfolio Optimization to accelerate IT value
accenture
 
Going Deep: Mining Experiential and Behavioral Data in VR
Going Deep: Mining Experiential and Behavioral Data in VRGoing Deep: Mining Experiential and Behavioral Data in VR
Going Deep: Mining Experiential and Behavioral Data in VR
Accenture Technology
 
Building Digital Trust : The role of data ethics in the digital age
Building Digital Trust : The role of data ethics in the digital ageBuilding Digital Trust : The role of data ethics in the digital age
Building Digital Trust : The role of data ethics in the digital age
Accenture Technology
 
Accenture Technology Vision for Workday 2016:People First: The primacy of pe...
Accenture Technology Vision for Workday 2016:People First: The primacy of pe...Accenture Technology Vision for Workday 2016:People First: The primacy of pe...
Accenture Technology Vision for Workday 2016:People First: The primacy of pe...
Accenture Technology
 
Accenture Technology Vision 2016. Focus on Pega® Technology.
Accenture Technology Vision 2016. Focus on Pega® Technology.Accenture Technology Vision 2016. Focus on Pega® Technology.
Accenture Technology Vision 2016. Focus on Pega® Technology.
Accenture Technology
 
Digital disruption: Embracing an Integrated Digital Ecosystem
Digital disruption: Embracing an Integrated Digital EcosystemDigital disruption: Embracing an Integrated Digital Ecosystem
Digital disruption: Embracing an Integrated Digital Ecosystem
accenture
 
SAP S/4 HANA Industry Road-Maps: Map the journey to your digital future
SAP S/4 HANA Industry Road-Maps: Map the journey to your digital futureSAP S/4 HANA Industry Road-Maps: Map the journey to your digital future
SAP S/4 HANA Industry Road-Maps: Map the journey to your digital future
Accenture Technology
 
Strategic IT Sourcing: What’s the Future?
Strategic IT Sourcing: What’s the Future? Strategic IT Sourcing: What’s the Future?
Strategic IT Sourcing: What’s the Future?
Accenture Technology
 
Staking a claim in the Platform Economy with SAP
Staking a claim in the Platform Economy with SAPStaking a claim in the Platform Economy with SAP
Staking a claim in the Platform Economy with SAP
Accenture Technology
 
Accenture Technology Vision for Oracle - 2016
Accenture Technology Vision for Oracle - 2016Accenture Technology Vision for Oracle - 2016
Accenture Technology Vision for Oracle - 2016
Accenture Technology
 
Design for Humans - Tech Vision 2017 Trend 4
Design for Humans - Tech Vision 2017 Trend 4Design for Humans - Tech Vision 2017 Trend 4
Design for Humans - Tech Vision 2017 Trend 4
Accenture Technology
 
Intelligent Automation - 3 Lessons Learned
Intelligent Automation - 3 Lessons LearnedIntelligent Automation - 3 Lessons Learned
Intelligent Automation - 3 Lessons Learned
Accenture Technology
 
The Uncharted - Tech Vision 2017 Trend 5
The Uncharted - Tech Vision 2017 Trend 5The Uncharted - Tech Vision 2017 Trend 5
The Uncharted - Tech Vision 2017 Trend 5
Accenture Technology
 
Ecosystem Power Plays - Tech Vision 2017 Trend 2
Ecosystem Power Plays - Tech Vision 2017 Trend 2Ecosystem Power Plays - Tech Vision 2017 Trend 2
Ecosystem Power Plays - Tech Vision 2017 Trend 2
Accenture Technology
 
AI and the Future of Growth
AI and the Future of GrowthAI and the Future of Growth
AI and the Future of Growth
Accenture Technology
 
AI is the New UI - Tech Vision 2017 Trend 1
AI is the New UI - Tech Vision 2017 Trend 1AI is the New UI - Tech Vision 2017 Trend 1
AI is the New UI - Tech Vision 2017 Trend 1
Accenture Technology
 
Technology Vision 2017 - Overview
Technology Vision 2017 - OverviewTechnology Vision 2017 - Overview
Technology Vision 2017 - Overview
Accenture Technology
 
Technology Vision 2017 infographic
Technology Vision 2017 infographicTechnology Vision 2017 infographic
Technology Vision 2017 infographic
Accenture Technology
 
Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020
Accenture Technology
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + Workday
Accenture Technology
 
Accenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Labs Innovation Stories
Accenture Labs Innovation Stories
Accenture Technology
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
Accenture Technology
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
Accenture Technology
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP Solutions
Accenture Technology
 
Highlights on the five key trends
Highlights on the five key trendsHighlights on the five key trends
Highlights on the five key trends
Accenture Technology
 
Helping you get back to the workplace confidently
Helping you get back to the workplace confidentlyHelping you get back to the workplace confidently
Helping you get back to the workplace confidently
Accenture Technology
 

Mais conteúdo relacionado

Destaque

Digital disruption: Embracing an Integrated Digital Ecosystem
Digital disruption: Embracing an Integrated Digital EcosystemDigital disruption: Embracing an Integrated Digital Ecosystem
Digital disruption: Embracing an Integrated Digital Ecosystem
accenture
 

Destaque (14)

Accenture Technology Vision 2016. Focus on Pega® Technology.
Accenture Technology Vision 2016. Focus on Pega® Technology.Accenture Technology Vision 2016. Focus on Pega® Technology.
Accenture Technology Vision 2016. Focus on Pega® Technology.
 
Digital disruption: Embracing an Integrated Digital Ecosystem
Digital disruption: Embracing an Integrated Digital EcosystemDigital disruption: Embracing an Integrated Digital Ecosystem
Digital disruption: Embracing an Integrated Digital Ecosystem
 
SAP S/4 HANA Industry Road-Maps: Map the journey to your digital future
SAP S/4 HANA Industry Road-Maps: Map the journey to your digital futureSAP S/4 HANA Industry Road-Maps: Map the journey to your digital future
SAP S/4 HANA Industry Road-Maps: Map the journey to your digital future
 
Strategic IT Sourcing: What’s the Future?
Strategic IT Sourcing: What’s the Future? Strategic IT Sourcing: What’s the Future?
Strategic IT Sourcing: What’s the Future?
 
Staking a claim in the Platform Economy with SAP
Staking a claim in the Platform Economy with SAPStaking a claim in the Platform Economy with SAP
Staking a claim in the Platform Economy with SAP
 
Accenture Technology Vision for Oracle - 2016
Accenture Technology Vision for Oracle - 2016Accenture Technology Vision for Oracle - 2016
Accenture Technology Vision for Oracle - 2016
 
Design for Humans - Tech Vision 2017 Trend 4
Design for Humans - Tech Vision 2017 Trend 4Design for Humans - Tech Vision 2017 Trend 4
Design for Humans - Tech Vision 2017 Trend 4
 
Intelligent Automation - 3 Lessons Learned
Intelligent Automation - 3 Lessons LearnedIntelligent Automation - 3 Lessons Learned
Intelligent Automation - 3 Lessons Learned
 
The Uncharted - Tech Vision 2017 Trend 5
The Uncharted - Tech Vision 2017 Trend 5The Uncharted - Tech Vision 2017 Trend 5
The Uncharted - Tech Vision 2017 Trend 5
 
Ecosystem Power Plays - Tech Vision 2017 Trend 2
Ecosystem Power Plays - Tech Vision 2017 Trend 2Ecosystem Power Plays - Tech Vision 2017 Trend 2
Ecosystem Power Plays - Tech Vision 2017 Trend 2
 
AI and the Future of Growth
AI and the Future of GrowthAI and the Future of Growth
AI and the Future of Growth
 
AI is the New UI - Tech Vision 2017 Trend 1
AI is the New UI - Tech Vision 2017 Trend 1AI is the New UI - Tech Vision 2017 Trend 1
AI is the New UI - Tech Vision 2017 Trend 1
 
Technology Vision 2017 - Overview
Technology Vision 2017 - OverviewTechnology Vision 2017 - Overview
Technology Vision 2017 - Overview
 
Technology Vision 2017 infographic
Technology Vision 2017 infographicTechnology Vision 2017 infographic
Technology Vision 2017 infographic
 

Mais de Accenture Technology

Mais de Accenture Technology (20)

Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + Workday
 
Accenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Labs Innovation Stories
Accenture Labs Innovation Stories
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP Solutions
 
Highlights on the five key trends
Highlights on the five key trendsHighlights on the five key trends
Highlights on the five key trends
 
Helping you get back to the workplace confidently
Helping you get back to the workplace confidentlyHelping you get back to the workplace confidently
Helping you get back to the workplace confidently
 
Driving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldDriving Workday transformation in a virtual world
Driving Workday transformation in a virtual world
 
Accenture + Red Hat
Accenture + Red HatAccenture + Red Hat
Accenture + Red Hat
 
Accenture and Mercedes Case Study
Accenture and Mercedes Case StudyAccenture and Mercedes Case Study
Accenture and Mercedes Case Study
 
Accenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: Infographic
 
Accenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: Overview
 
Accenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and Me
 
Accenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNA
 
Elevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayElevating the Workforce Experience with Workday
Elevating the Workforce Experience with Workday
 
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAutomating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
 
Technology Vision for SAP 2019
Technology Vision for SAP 2019Technology Vision for SAP 2019
Technology Vision for SAP 2019
 
Technology Vision 2019 for Workday
Technology Vision 2019 for WorkdayTechnology Vision 2019 for Workday
Technology Vision 2019 for Workday
 
Accenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for Pega
 

Último

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 

Último (20)

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 

Continuous Cyber Attacks - Report Summary

  • 1. Continuous Cyber Attacks: Engaging Business Leaders for the New Normal Executive Summary
  • 2. 22 Cyber-attacks can rapidly derail an enterprise’s ability to create value, and their frequency, reach and levels of sophistication continue to grow. Leaders unfamiliar with the complexities of cyber defense may fail to recognize the gaps that exist in their digital security strategies. It’s easy to do: regulators and other government bodies compel companies to focus on compliance with specific regulations, drowning out other voices that support dynamic cyber risk management approaches. However, organizations have learned that passing compliance assessments does not equal data security. Likewise, a strategy focused on acquiring the latest security products and add-on applications can quickly drain a security budget, while not appreciably improving the organization’s defensive posture. While no organization can defend itself from all cyber-attacks the following three approaches can help bring risk to a manageable level: Actively engage to make the business a better security “customer” Strengthen the partnership between the business and security Continuously exercise organizational defenses 1 2 3
  • 3. 3 Actively engage to make the business a better security “customer” A solid cyber defense requires that partnerships are formed among an organization’s business stakeholders, its risk management office and the security team—a relationship that asks every employee to be responsible for security. The detection and elimination of cyber threats drops precipitously if the business stakeholders fail to cooperate fully with the security team. Some typical challenges include: • Security lacks sufficient top management access: Most companies recognize that digital security is an important agenda item, but in many cases, the Chief Information Security Officer (CISO) does not have top-level access. • The front lines remain unengaged in security issues: Often, employees do not care enough about security to change their behavior. Articulating the importance of security and doing it in an engaging manner starts at the top. • Ambiguity regarding who “owns” the systems under attack: Business teams are agile and entrepreneurial, creating new applications and data stores to meet customer demands. Once an attack happens, the security team needs to know who “owns” the compromised system or actions will be impeded and reduce the effectiveness of the response. Strengthen the partnership between the business and security Leaders can align the business side’s commercial needs and the security team’s cyber defense requirements by forging an effective business and security partnership. Four elements of such a partnership are: • Keep security on the agenda: If organizations can operate under a concept called ‘presumption of breach,’ acknowledging that a hacker will get into their networks, their perspective and alignment on the right security strategy can become laser focused. • Recognize the complexity of the challenge: Organizations need to understand the complexity of the systems they are defending and determine where to “set the bar” regarding loss tolerance. Part of the challenge is recognizing the complexity of roles; the organization has revenue goals and other business targets, and the security team has its own set of objectives. • Work together to identify the organization’s critical data: It often seems overwhelming to organizations since all risk can’t be mitigated—however it can become very manageable when an organization is able to pinpoint their most consequential risk in the relevant networks and provide them the greatest level of protection. • Evolve the organizational culture to attract and retain top-tier security talent: The best companies tend to think proactively about talent pools; this involves working with universities to develop key cyber defense recruits and looking for expertise outside of normal channels. Continuously exercise organizational defenses Business leaders should also focus on developing organizational defenses in the following ways: • Relentlessly test defenses: Organizations leading the way in cyber defense train with a third-party “sparring partner” imbued with all of the skills and technologies (but none of the malice) that attackers bring to bear. Similar to a boxer, someone who trains exclusively with a static punching bag won’t stand a chance against a real opponent. Likewise, an enterprise focused totally on conventional static defenses will quickly fall prey to today’s increasingly aggressive digital attackers. • Hunt inside the organization’s defenses: Assume that security is compromised and constantly look for intruders across the entire environment. • Improve response effectiveness: As the organization spars with an elite security assessment team, going through the same tactics as the attacker would use, over time they develop ‘muscle memory.’ Organizations that spar repetitively and consistently work more effectively to minimize an event’s impact. The intensity and seriousness of current digital attacks make cybercrimes uniquely dangerous for businesses. In this confusing new environment, many leaders wonder what they can do to make their companies more resilient. Once an enterprise takes the pulse of its cyber defense strengths and weaknesses, they should develop 100-day and 365 day plans to build the momentum needed to realize their cyber defense goals. 2 3 1
  • 4. Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Copyright © 2015 Accenture All rights reserved. Contributors Bill Phelps Managing Director, Global Security Services bill.phelps@accenture.com Twitter: @waphelps Ryan LaSalle Managing Director, Security Growth & Strategy Lead ryan.m.lasalle@accenture.com Twitter: @labsguy Kevin Richards Managing Director, North America Security Practice k.richards@accenture.com Twitter: @kevin_richards Matt Devost Co-founder and CEO of FusionX matt.devost@accenture.com Twitter: @MattDevost Steve Culp Senior Managing Director, Accenture Finance & Risk Services steven.r.culp@accenture.com Twitter: @steve_culp David Smith Senior Managing Director, Talent & Organization david.y.smith@accenture.com DISCLAIMER: This document is intended for general informational purposes only and does not take into account the reader’s specific circumstances, and may not reflect the most current developments. Accenture disclaims, to the fullest extent permitted by applicable law, any and all liability for the accuracy and completeness of the information in this document and for any acts or omissions made based on such information. Accenture does not provide legal, regulatory, audit, or tax advice. Readers are responsible for obtaining such advice from their own legal counsel or other licensed professionals. Rights to trademarks referenced herein, other than Accenture trademarks, belong to their respective owners. We disclaim proprietary interest in the marks and names of others. About Accenture Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions—underpinned by the world’s largest delivery network—Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 358,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.