One in Three Cyberattacks Result in a Security Breach
Overconfidence in your IT department may be putting your organization at a higher risk for attack.
A new security survey from Accenture revealed that in the past twelve months, roughly one in three targeted attacks resulted in an actual security breach. Still, a majority of security executives (75 percent) surveyed are confident in their ability to protect their enterprises from cyberattacks.
The survey reveals that the length of time taken to detect these security breaches often compounds the problem, as more than half of executives (51 percent) disclose that it takes months to detect sophisticated breaches, and as many as a third of all successful breaches are not discovered at all by the security team.
What this means is that while enterprises understand that it is time to get smarter about how security budgets are spent, the sentiment among those surveyed indicated they will only continue to pursue the same countermeasures instead of investing in new and different security controls in order to mitigate threats.
For example, Accenture found that given extra budget, 44 percent to 54 percent of respondents would “double down” on their current cybersecurity spending priorities (protecting the company's reputation) safeguarding company information, and protecting customer data) – even though those investments have not significantly deterred regular and ongoing breaches. Far fewer companies would invest the extra funds in efforts that would directly affect their bottom line, such as mitigating against financial losses (28 percent) or investing in cybersecurity training (17 percent).
“Cyberattacks are a constant operational reality across every industry today and our survey reveals that catching criminal behavior requires more than the best practices and perspectives of the past. There needs to be a fundamentally different approach to security protection starting with identifying and prioritizing key company assets across the entire value chain,” said Kevin Richards, managing director, Accenture Security, North America. “It is also clear that the need for organizations to take a comprehensive end-to-end approach to digital security – one that integrates cyber defense deeply into the enterprise – has never been greater.”