Accenture’s report finds firms in capital markets and banking could do more to prevent security breaches and strengthen cyber resilience. Read our report to learn how Accenture can help you rise to the top of the class: https://accntu.re/3k8mCN1
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Hold Firm: The State of Cyber Resilience in Banking and Capital Markets
1. The state of cyber resilience
in banking and capital markets
HOLDING
FIRM
THIRD ANNUAL STATE OF CYBER RESILIENCE
2. The Accenture CyberResilience
survey isaglobalstudy thatexplores
thestate ofcyberresilience across a
broad rangeofindustries and
countries.
The survey was conducted across 24 industries
and 16 countries. 4,644 security executives
were surveyed in all, including 457 banking and
capital markets executives and 402 insurance
executives.
Banking and Capital
Markets executives
surveyed
457
About the Study
Source: Third Annual State of Cyber Resilience, Accenture, March 2020.
3. The State of Cyber Resilience:
The basics are stronger
Cybersecurity
basics are better
for all surveyed
companies.
Banking and capital
markets firms have
madegreat strides in
cybersecurity.
direct
attacks
11% 27%
security
breaches
2% 25%
security
breaches
Source: Third Annual State of Cyber Resilience – Banking and Capital Markets, Accenture, March 2020.
Holding Firm – The state of cyber resilience in banking and capital markets, Accenture July 2020.
direct
attacks
4. But banking and capital markets firms are not
recovering quickly enough from successful breaches.
33%
Time to detect a breach:
88 percent of cross-industry
leaders discover a breach
in less than a day, but only
one-third of banking and
capital markets firms can say
the same.
44%
Ability to remediate
a breach within 15 days:
96 percent of leaders vs.
44 percent of banking and
capital markets firms.
32%
Breaches with no material
effect (a breach notification
was required, but little or no
damage was experienced:
True for 58 percent of
leaders, but only 32 percent
for banking and capital
markets firms.
They are lagging in areas such as:
5. Innovation investment is growing.
Banks Capital
Market Firms
Banks and
Capital
Markets
86%of banking and capital markets
firms spend more than 20
percent of cybersecurity
budgets on advanced
technologies.
33%of banking institutions spend
from 40 to 60 percent of
their cybersecurity budget
on advanced technologies,
up 9 points from three
years ago.
47%are spending between
40 and 60 percent of
their budget on advanced
technology, up from only
17 percent three years ago.
Source: Third Annual State of Cyber Resilience – Banking and Capital Markets, Accenture, March 2020.
Holding Firm – The state of cyber resilience in banking and capital markets, Accenture July 2020.
6. But banking and capital market firms worry that
they won’t be able to keep pace.
Cost rises are unsustainable.
56%
of banking and capital
markets firms report cost
rises in last two years.
65%
of banking and capital
markets firms say staying
ahead of attackers is a
constant battle and the cost
is unsustainable.
Source: Holding Firm – The state of cyber resilience in banking and capital markets, Accenture July 2020.
7. Investments also need to work harder.
For surveyed banks and capital
markets firms:
Source: Third Annual State of Cyber Resilience – Banking and Capital Markets, Accenture, March 2020.
Holding Firm – The state of cyber resilience in banking and capital markets, Accenture July 2020.
Low detection
rate
59%of breaches are found
by the security team.
High breach
rate
11%of breaches are
successful.
Longer breach
impact
14%of all breaches had
an impact lasting <
24 hours.
Customer data
exposed
38%had more than 500K
records exposed in
the last year.
8. Indirect attacks are a growing concern.
Ecosystem not
fully protected
More reliant
on third parties
There are
hidden threats
39%of security breaches at banking
and capital markets firms
surveyed are indirect attacks
that target weak links in the
supply chain.
59%of an organization is
actively protected by the
security program.
71%of surveyed IT professionals
expected their companies to
become more reliant on third
parties over the next few years.
Source: Third Annual State of Cyber Resilience – Banking and Capital Markets, Accenture, March 2020.
Holding Firm – The state of cyber resilience in banking and capital markets, Accenture July 2020.
Vendor Vulnerability: How to Prevent the Security Risk of Third-Party Suppliers, Bomgar, 2016.
9. A group of leading banking and capital markets
firms are doing things differently.
4xbetter at stopping
attacks
4xbetter at finding
breaches faster
3xbetter at fixing
breaches faster
2xbetter at reducing
breach impact
15 percent of the banking and capital markets firms have significantly
higher levels of cybersecurity performance compared to their
industry peers.
About About
Source: Holding Firm – The state of cyber resilience in banking and capital markets, Accenture July 2020.
10. Next-Generation
Firewall (NGF)
Security Orchestration
Automation and
Response (SOAR)
Privileged Access
Management (PAM)
Cybersecurity leaders choose the right
technologies
Surveyed leaders know which technologies can help them attain a
broader level of cybersecurity effectiveness.
11. Follow the leaders mastering cybersecurity
execution.
What makes surveyed leaders effective at cybersecurity?
Prioritize
speed –
stop,
identify and
fix breaches
Scale
more –
investment
in
technology
Train
more – in
security-
related
areas
Collaborate
more –
internal
and
external
Source: Holding Firm – The state of cyber resilience in banking and capital markets, Accenture July 2020.
12. 12
www.accenture.com/FSstateofcyber
Download the
StateofCyber
Resiliencein
Banking&
CapitalMarkets.
Or contact:
Chris Thompson
Global Security & Resilience Lead –
Financial Services
https://www.linkedin.com/in/christ
opher-thompson-92528832/
Valerie Abend
Managing Director – Accenture
Security, Global Banking
Security Lead
https://www.linkedin.com/in/valerieab
end/
Andrea Agnosti
Managing Director – Accenture
Security, Europe Financial Services
Lead
https://www.linkedin.com/in/agosti