RESOLVING HIGH-TECH'S SECURITY CHALLENGE

Transcription

1 RESOLVING HIGH-TECH'S SECURITY CHALLENGE

2 CONFIDENCE MASKS VULNERABILITY: ASSESSING CYBERSECURITY PERCEPTIONS Steeped in innovation and cutting-edge technology, the high-tech sector attracts serious attention from hackers and malicious offenders worldwide. Recently, targets have expanded exponentially, from the latest artificial intelligence breakthroughs to massive caches of proprietary customer data. Despite the industry s exceptional access to the best digital talent and technology worldwide, online threats continue to increase. In part, this danger results from the incredible progress the digital revolution has experienced. Thus, as high-tech players and their customers embrace the profusion of online digital advances (often generated by the industry itself), the number of attack surfaces widens and deepens to include employees, vendors and partners. That changes the game, even for highly accomplished digital players. However, even within this select group, companies still adopt start up mentalities and habits. For example, some companies remain averse to rigorous planning and processes due to fears they will slow innovation. Others have accumulated significant technical debt due to the lack of updates required for patching backlogs and other remediation techniques, and because of the belief that technology solves all problems. Rather than investing in their tech-heavy toolbelt, companies continuously buy and implement the latest products and solutions to handle security threats, resulting in a duplication of capabilities and a proliferation of under-utilized technologies. Given these realities, the industry needs tight and easy security solutions that align with their business strategies, which translates into meticulous, yet lightweight planning and processes, including making better use of the tools they already have and configuring them to achieve superior return on investment (ROI) results. It also requires companies to add the process wrappers and people training required to extract optimum performance from every tool. 2 RESOLVING HIGH-TECH S SECURITY CHALLENGE

3 THE LOWDOWN ON HIGH-TECH S DIGITAL SECURITY CHALLENGE While companies mainly express overall confidence in their cybersecurity capabilities, some concerns have emerged lower down in the high-tech stack. Accenture s recent global survey of 2,000 security executives, which included 185 high-tech industry professionals, revealed that two-thirds of the latter respondents expressed confidence in their cybersecurity strategies. Additionally, nearly that many said their organizations have completely embedded cybersecurity into their cultures and viewed it as a board-level concern supported by their top executives. Companies are experiencing numerous serious breach attempts: nearly 145 annually. At the same time, the survey indicated that these companies are experiencing numerous serious breach attempts: nearly an average of 145 annually; a quarter of which get through. That translates to an average of three effective attacks a month. Amplifying the problem, 40 percent of those surveyed said it can take their companies months or even up to a year to detect the breaches, and their internal security teams discover only about twothirds of them. Even more troubling, over 40 percent said that their greatest cybersecurity impact comes from malicious insiders, while 60 percent lack confidence in their organization s internal monitoring capabilities. Despite widespread acknowledgement that internal threats have the most impact, companies continue to focus their investments on external security issues, with almost 60 percent prioritizing perimeter-based controls against outsiders instead of addressing the high-impact threats coming from within the company. 3 RESOLVING HIGH-TECH S SECURITY CHALLENGE

4 CHANGES IN THE CYBERSECURITY LANDSCAPE Unlike many other sectors, which have experienced massive dislocations due to the digital revolution, the high-tech industry s cybersecurity landscape has undergone changes in degree rather than kind. The pioneering digital sector, hightech long-ago gained an online footing and thus has built on that advantage going forward. One expanding shift involves the deployment of many new systems partly or wholly in the cloud. While the cloud enables new and attractive business models and delivery options, it also exposes new security weaknesses and avenues of attack, thus fundamentally changing the security model required to keep things safe. Other new attack surfaces attractive to adversaries include systems such as digital analytics, operational supply chains and Internet of Things (IoT) networks. Not only are new attack surfaces emerging at a record pace, the amounts of data in circulation are exploding. With the costs of memory and computing power plummeting, the rise of big data analytics and the arrival of the first waves of IoT information, incoming data that once resembled the output from a fire hose has become a tsunami. As a result, companies need to protect much more company data and customer information, often dispersed far beyond enterprise walls and accessible via an ever-widening array of end points. Even as high-tech companies in large part drive the digital revolution, they often find themselves playing catch-up on cybersecurity. 4 RESOLVING HIGH-TECH S SECURITY CHALLENGE

5 Even as high-tech companies in large part drive the digital revolution, they often find themselves playing catch-up on cybersecurity much like companies in other industries. Research showed that executives across industries expressed serious concerns about threats from within the organization. According to an Accenture survey of enterprise security professionals, insider corporate data theft and malware infections are among the biggest threats to digital businesses. 1 Over four in 10 of the participants in that survey expressed concerns about the theft of corporate information and just under half are similarly concerned about the theft of personal information. However, only 32 percent of high-tech players can readily identify the business s high-value assets and business processes the crown jewels of the company. High-tech players on average suffer three effective breaches per month attacks that can take them months or years to discover. To recap, high-tech players on average suffer three effective breaches per month attacks that can take them months or years to discover. Their internal security teams typically only identify two-thirds of these attacks, the most serious of which come from within the organization itself, while 68 percent of high-tech respondents can t identify the business s crown jewels. And yet high numbers of companies expressed confidence in their cybersecurity strategies. This conflict exposes a level of vulnerability within the industry that could manifest itself in dangerous ways. High-tech companies don t have a strong picture of how bad things might be, which is keeping them from acting faster and with more determination to change approaches, train employees, and fortify currently weak cyber defenses. While most security teams in high-tech have concerns, the problem is getting from concern to action in a meaningful way. Companies need to rethink, reframe and reenergize their approaches to cybersecurity. 5 RESOLVING HIGH-TECH S SECURITY CHALLENGE

6 REBOOTING HIGH-TECH S CYBERSECURITY STRATEGY To survive in this contradictory and increasingly risky environment, organizations need to reboot their approaches to cybersecurity. What s required is an end-to-end approach that considers threats across the spectrum of the high-tech industry s value chain and a company s specific ecosystem. That means identifying and minimizing business exposure and focusing on protecting the company s crown jewels. The following steps can help high-tech organizations overcome limited perceptions and deal effectively with the high-impact cyber threats they face. DEFINE CYBERSECURITY SUCCESS To reframe cybersecurity perceptions and build a new definition of success, leaders should seek the answers to several questions: Can they confidently identify all priority business data assets and their locations? Are they able to defend the business from a motivated adversary? Do they have the tools and processes to identify and respond to a targeted attack? Do they know what their adversaries really seek? How often does the organization practice its plan (to get better at responses)? How could targeted attacks affect the business? Does the company have the right alignment, structure, team members, and other resources to execute the cybersecurity mission? 6 RESOLVING HIGH-TECH S SECURITY CHALLENGE

7 PRESSURE TEST DEFENSES Pressure-testing company defenses helps leaders to understand whether they are really able to withstand a targeted, focused attack or not. Organizations can engage white hat external hackers in a real sparring match with their cybersecurity team to quickly determine whether it s capable of defending the enterprise. PROTECT FROM THE INSIDE OUT Attackers know what they want, but usually not where it s located on the network. In contrast, cybersecurity professionals have the advantage of knowing which key assets need to be protected. By focusing on these key assets, organizations can concentrate on the relatively fewer internal incursions that have the greatest impact. INVEST TO INNOVATE AND OUTMANEUVER One reliable approach involves looking across seven key cybersecurity domains to identify potential opportunities for future investments in innovation. Currently, fewer than 45 percent of high-tech respondents expressed confidence in their capabilities regarding any of the seven domains. Business alignment assesses cybersecurity incident scenarios to better understand those that could materially affect the business. Governance and leadership means focusing on cybersecurity accountability, nurturing a security-minded culture, monitoring cybersecurity performance, developing incentives for employees and creating a cybersecurity chain of command. Strategic threat context drives organizations to explore cybersecurity threats in order to align the security program with the business strategy. Cyber resilience is the company s ability to deliver operational excellence in the face of disruptive cyber adversaries. Cyber response readiness means having a robust response plan, strong cyber incident communications, tested plans for the protection and recovery of key assets, effective cyber incident escalation paths and the ability to ensure solid stakeholder involvement across all business functions. The extended ecosystem should be ready to cooperate during crisis management, develop third-party cybersecurity clauses and agreements, and focus on regulatory compliance. Investment efficiency strives to drive financial understanding concerning investments across cybersecurity domains and the allocation of funding and resources. 7 RESOLVING HIGH-TECH S SECURITY CHALLENGE

8 MAKE SECURITY EVERYONE S JOB Virtually all high-tech survey respondents (99 percent) said that the company most frequently learned about breaches not detected by the security team from employees. In fact, a company s people represent its first line of defense, which is why firms need to prioritize training and continually refresh cyber talent across the business. However, given extra budget, fewer than 20 percent of high-tech companies said they would invest it in cybersecurity training. LEAD FROM THE TOP To succeed, CISOs need to step beyond their comfort zones (e.g., compliance audits, cyber technology) and materially engage with enterprise leadership on a day-to-day basis. Doing so will require them to speak the language of business to make the case that the cybersecurity team represents a critical pillar in the battle to protect company value. 8 RESOLVING HIGH-TECH S SECURITY CHALLENGE

9 RESTORING JUSTIFIABLE CONFIDENCE As their digital security strategies and organizations mature and innovative solutions emerge, high-tech organizations that tie cybersecurity efforts to real business needs will gain justifiable confidence in their ability to deal with the threats that inhabit today s changeable and dangerous digital world. 9 RESOLVING HIGH-TECH S SECURITY CHALLENGE

10 AUTHORS PAOLO DAL CIN Managing Director Accenture Security Communications, Media & Technology, Global Lead STEVE CURTIS Managing Director Communications, Media & Technology Security Lead, North America IOANA BAZAVAN Managing Director Communications, Media & Technology Security, Global High-Tech Lead FOOTNOTES 1 New Report Finds Insider Corporate Data Theft and Malware Infections Among Biggest Threat to Digital Business in 2016, Accenture news release, June 27, newsroom.accenture.com/news/new-report finds-insider-corporate-data-theft-andmalwareinfections-among-biggest-threatto-digital-businessin-2016.htm ABOUT ACCENTURE Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions underpinned by the world s largest delivery network Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With approximately 401,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at FOR MORE INFORMATION ON ACCENTURE SECURITY, PLEASE VISIT: Copyright 2017 Accenture. All rights reserved. Accenture, its logo, and High Performance Delivered are trademarks of Accenture. This document makes descriptive reference to trademarks that may be owned by others. The use of such trademarks herein is not an assertion of ownership of such trademarks by Accenture and is not intended to represent or imply the existence of an association between Accenture and the lawful owners of such trademarks.