Outsourcing giant Accenture has released its “State of Cybersecurity Resilience 2023” which said that organizations that closely align their cybersecurity programs to business objectives are 18% more likely to achieve target revenue growth and market share and improve customer satisfaction.
The report also said 26% of these companies are more likely to lower the cost of cybersecurity breaches/incidents, on average.
The report is based on a survey of 3,000 security and business executives from large organizations across Europe, North America, South America and Asia-Pacific, Accenture said.
The report identifies a group of companies that are leading the way in their cybersecurity efforts. These companies — which Accenture calls “cyber transformers” and account for 30% of respondents — strike a balance between excelling at cyber resilience and aligning with the business strategy to achieve better business outcomes.
“The accelerated adoption of digital technologies like generative AI — combined with complex regulations, geopolitical tensions and economic uncertainties — is testing organizations’ approach to managing cyber risk,” said Palo Dal Cin, global lead of Accenture Security.
“In this rapidly changing environment, business leaders need to embed cybersecurity into the fabric of their digital core transformation efforts to become business resilient. This is one of the key differentiating traits of cyber transformers, who demonstrate that they are better equipped to drive successful business outcomes.”
Four characteristics set cyber transformers apart from other companies. They:
- Excel at integrating cybersecurity and risk management. Cyber transformers integrate a cyber risk-based framework into their enterprise risk management program; have their cybersecurity operations and executive leadership agree on the priority of assets and operations to be protected; and consider cybersecurity risk to a great extent when evaluating overall enterprise risk (65% vs. 11%).
- Leverage cybersecurity-as-a-service to enhance security operations. Cyber transformers are more likely than others to use managed services providers to administer cybersecurity operations (40% vs. 24%).
- Are more committed to protecting their ecosystem. Cyber transformers are more likely than others to take such actions as incorporating their ecosystem or supply chain partners into their incident response plan (45% vs. 37%) and to require them to meet strict cybersecurity standards (41% vs. 29%).
- Rely heavily on automation. Cyber transformers are far more likely than others to rely heavily on automation for their cybersecurity programs (89% vs. 57%). In addition, 96% of all respondents whose organizations substantially automate their cybersecurity said that automation helps them alleviate cyber talent shortages — a key challenge for any company seeking cyber resilience.
“While organizations are taking steps to better align cybersecurity programs with business goals, there is still plenty of room for improvement, with more than 60% of respondents still falling victim to successful breaches coming from outside their organizations,” said Jacky Fox, Accenture Security lead for Europe.
“Working more effectively across the C-suite and ensuring that security efforts have a positive business impact require a business-led CISO who acts as an educator and collaborator with non-security leaders.”
The report highlighted that organizations that embed three key cybersecurity actions into their digital transformation efforts and apply strong cybersecurity practices across the organization are nearly six times more likely to experience more effective digital transformations than those that don’t do both.
The cybersecurity actions that organizations can take to increase the success and satisfaction of their digital transformations are:
- Require cybersecurity controls before all new business services and products are deployed;
- Apply cybersecurity incrementally as each digital transformation milestone is achieved; and
- Appoint a cybersecurity representative as part of the core transformation team who orchestrates cybersecurity across all transformation initiatives.
Accenture Research surveyed 3,000 executives — comprising 2,500 chief information security officers (CISOs) and 500 CEOs and CFOs — from large organizations (revenues > $1 billion) in 15 industries across 14 countries in North America, Europe, Asia-Pacific and South America.
The goal was to understand the role of cybersecurity in organizations’ approach to transformation and the broader cybersecurity practices that facilitate secure digital transformation. The study was fielded from September to October 2022.