SlideShare a Scribd company logo

The Cyber Security Leap: From Laggard to Leader

Download as PPTX, PDF
Accenture Technology
Accenture Technology

Organizations achieve security outperformance against their industry peers by demonstrating commitment in three critical areas. With Ponemon Institute, we identified the “leapfroggers.”

Technology
1 of 19
The Cyber Security Leap: From Laggard to Leader April 2015
2Copyright © 2015 Accenture All rights reserved. 2Copyright © 2015 Accenture All rights reserved. How do some organizations achieve better security performance? We compared organizations that were able to “leapfrog” their security effectiveness against others that remained static. Defining a Leapfrog organization Key findings Implications About the research
3Copyright © 2015 Accenture All rights reserved. 3Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015 • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Strategy Technology Governance
4Copyright © 2015 Accenture All rights reserved. 4Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy Strategy Governance • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Technology Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015
5Copyright © 2015 Accenture All rights reserved. 5Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Strategy Technology Governance Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015
6Copyright © 2015 Accenture All rights reserved. 6Copyright © 2015 Accenture All rights reserved. Organizations with static security effectiveness demonstrated different characteristics • Operate security under a veil of stealth, secrecy and underfunding • Prioritize external threats • Focus on prevention rather than quick detection or containment • Drive security investments by compliance with regulations and policies • View security as diminishing employee productivity • Believe security budgets are inadequate for meeting the company’s security mission
7Copyright © 2015 Accenture All rights reserved. 7Copyright © 2015 Accenture All rights reserved. Leapfrog organizations value innovation as a way to strengthen their security posture Higher value placed on security innovation 33% Higher level of security innovation change in the past two years 45% More security innovation 20%
8Copyright © 2015 Accenture All rights reserved. 8Copyright © 2015 Accenture All rights reserved. Establishing a security strategy as a business priority separates Leapfrog from Static organizations Security and business objectives aligned 70% 55% 69% 45% 63% 40% Security is priority Security strategy exists LEAPFROG STATIC LEAPFROG STATIC LEAPFROG STATIC
9Copyright © 2015 Accenture All rights reserved. 9Copyright © 2015 Accenture All rights reserved. Security outsourcing is often a component of Leapfrog organization strategies Outsourcing core security operations can greatly increase security effectiveness by providing access to advanced technology and expert resources. Leapfrog Static Has strategy & does not outsource security operations 23% 15% 55% 32% Has strategy & outsources security operations
10Copyright © 2015 Accenture All rights reserved. 10Copyright © 2015 Accenture All rights reserved. Leapfrog organizations proactively use advanced technologies to secure their network and cloud environments LeapfrogStatic (Rankings on a 10 point scale, 1 = low; 10 = high) Secure (encrypt) data stored in cloud environments 7.186.00 Establish security protocols over big data 6.334.94 Pinpoints anomalies in network traffic 8.557.45 Provide advance warning about threats and attackers 8.277.56
11Copyright © 2015 Accenture All rights reserved. 11Copyright © 2015 Accenture All rights reserved. Leapfrog organizations focus more on securing network, sensitive data and the cloud; Static organizations focus more on locking things down. Control insecure mobile devices including BYOD 7.167.76 Limit insecure devices from accessing security systems 6.037.18 LeapfrogStatic (Rankings on a 10 point scale, 1 = low; 10 = high)
12Copyright © 2015 Accenture All rights reserved. 12Copyright © 2015 Accenture All rights reserved. Establishing strong governance and controls supports Leapfrog security effectiveness Important governance components include dedicated budget, use of benchmarks and metrics and regular communications with board of directors. Metrics to evaluate security operations 20% 26% Enterprise risk management procedures 35% Regular reporting to the board of directors 34% Benchmark Security operations
13Copyright © 2015 Accenture All rights reserved. 13Copyright © 2015 Accenture All rights reserved. The CISO role in Leapfrog organizations reflects the importance placed on security While both types of organizations have a CISO, the level of responsibility is notably different. CISO defines security strategy and initiatives Leapfrog 71% Static 60% CISO directly reports to a senior executive 71% 58% CISO is accountable for budgets or discretionary spending 65% 55%
14Copyright © 2015 Accenture All rights reserved. 14Copyright © 2015 Accenture All rights reserved. Security effectiveness can be notably improved over a short period of time, by applying lessons learned from three priority areas Strategy Technology Governance
15Copyright © 2015 Accenture All rights reserved. 15Copyright © 2015 Accenture All rights reserved. Suggestions for developing or improving your security strategy • Establish a security strategy that encourages innovation, has dedicated budget and programs, a strong eco-system and a clear vision for how innovation gets on-boarded into production. • Develop the ability to adapt quickly and proactively to the changing threat landscape • Help the organization embrace digital disruption • Align security and organizational priorities • Treat security as a business priority
16Copyright © 2015 Accenture All rights reserved. 16Copyright © 2015 Accenture All rights reserved. Suggested areas for technology focus • Seek out technology and capabilities that enhance the user experience and productivity • Balance prevention, detection and response better—lessen the focus on prevention • Better exploit data within the organization to gain an advantage in detection and response times—move toward security intelligence
17Copyright © 2015 Accenture All rights reserved. 17Copyright © 2015 Accenture All rights reserved. Governance measures to improve performance • Foster a working relationship between CISO and the board to take effective action; educate and collaborate to articulate and prioritize business risk • Use benchmarks and metrics to continually assess the strategy and evolve the organization’s posture • Outsource security operations as appropriate for best use of available expert resources • Eliminate fire-fighting and use resources effectively
18Copyright © 2015 Accenture All rights reserved. 18Copyright © 2015 Accenture All rights reserved. Organizations studied represent various industries and sizes across NA, Europe, Middle East and Asia Pacific 16% 14% 14% 10% 8% 9% 6% 6% 5% 5% 4% 4% 9% 11% 28% 24% 18% 11% Less than 1,000 1,000 to 5,000 5,001 to 10,000 10,001 to 25,000 25,000 to 75,000 More than 75,000Financial services Industries represented Organization size Public sector Services Retail Energy and utilities Industrial Health & pharmaceutical Consumer Technology and software Transportation Other Hospitality Education and research, 1% Communications, 1%
19Copyright © 2015 Accenture All rights reserved. 19Copyright © 2015 Accenture All rights reserved. For more information, visit: accenture.com/cybersecurity 19Copyright © 2015 Accenture All rights reserved.

Recommended

Speak Up! Salary Negotiation for Women in Tech
Speak Up! Salary Negotiation for Women in TechSpeak Up! Salary Negotiation for Women in Tech
Speak Up! Salary Negotiation for Women in Tech
aubrey bach
 
Using Data to Help First Job Salary Negotiations
Using Data to Help First Job Salary NegotiationsUsing Data to Help First Job Salary Negotiations
Using Data to Help First Job Salary Negotiations
PayScale, Inc.
 
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
CODECNetworks
 
Security Operations, Engineering, and Intelligence Integration through the po...
Security Operations, Engineering, and Intelligence Integration through the po...Security Operations, Engineering, and Intelligence Integration through the po...
Security Operations, Engineering, and Intelligence Integration through the po...
Christopher Clark
 
Building security leaders ISSA Virtual CISO Series
Building security leaders ISSA Virtual CISO SeriesBuilding security leaders ISSA Virtual CISO Series
Building security leaders ISSA Virtual CISO Series
Aaron Carpenter
 
2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?
Phil Agcaoili
 
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
North Texas Chapter of the ISSA
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIRO
Priyanka Aash
 

Recommended

Speak Up! Salary Negotiation for Women in Tech
Speak Up! Salary Negotiation for Women in TechSpeak Up! Salary Negotiation for Women in Tech
Speak Up! Salary Negotiation for Women in Tech
aubrey bach
 
Using Data to Help First Job Salary Negotiations
Using Data to Help First Job Salary NegotiationsUsing Data to Help First Job Salary Negotiations
Using Data to Help First Job Salary Negotiations
PayScale, Inc.
 
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
CODECNetworks
 
Security Operations, Engineering, and Intelligence Integration through the po...
Security Operations, Engineering, and Intelligence Integration through the po...Security Operations, Engineering, and Intelligence Integration through the po...
Security Operations, Engineering, and Intelligence Integration through the po...
Christopher Clark
 
Building security leaders ISSA Virtual CISO Series
Building security leaders ISSA Virtual CISO SeriesBuilding security leaders ISSA Virtual CISO Series
Building security leaders ISSA Virtual CISO Series
Aaron Carpenter
 
2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?
Phil Agcaoili
 
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
North Texas Chapter of the ISSA
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIRO
Priyanka Aash
 
DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!
Rahul Tiwari
 
WE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - CybersecurityWE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - Cybersecurity
Society of Women Engineers
 
The CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedThe CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the Unexpected
IBM Security
 
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
Philip Beyer
 
Cyber Security Career Advice
Cyber Security Career AdviceCyber Security Career Advice
Cyber Security Career Advice
Donald E. Hester
 
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonNavigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Christopher Clark
 
BSides Manchester
BSides ManchesterBSides Manchester
BSides Manchester
Jane Frankland
 
WE16 - How to Lead a Double Life
WE16 - How to Lead a Double LifeWE16 - How to Lead a Double Life
WE16 - How to Lead a Double Life
Society of Women Engineers
 
Accenture presentation sydney
Accenture presentation sydneyAccenture presentation sydney
Accenture presentation sydney
Michael Buckley
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your Job
Priyanka Aash
 
WE16 - The State of Women in Engineering
WE16 - The State of Women in EngineeringWE16 - The State of Women in Engineering
WE16 - The State of Women in Engineering
Society of Women Engineers
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?
Barry Caplin
 
Digital dandelion ppt template
Digital dandelion ppt templateDigital dandelion ppt template
Digital dandelion ppt template
Billsworth
 
CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017
Allie Gentry
 
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
Accenture Technology
 
Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020
Accenture Technology
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + Workday
Accenture Technology
 
Accenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Labs Innovation Stories
Accenture Labs Innovation Stories
Accenture Technology
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
Accenture Technology
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
Accenture Technology
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP Solutions
Accenture Technology
 
Highlights on the five key trends
Highlights on the five key trendsHighlights on the five key trends
Highlights on the five key trends
Accenture Technology
 

More Related Content

Viewers also liked

The CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedThe CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the Unexpected
IBM Security
 
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
Philip Beyer
 
BSides Manchester
BSides ManchesterBSides Manchester
BSides Manchester
Jane Frankland
 
Accenture presentation sydney
Accenture presentation sydneyAccenture presentation sydney
Accenture presentation sydney
Michael Buckley
 
Digital dandelion ppt template
Digital dandelion ppt templateDigital dandelion ppt template
Digital dandelion ppt template
Billsworth
 

Viewers also liked (15)

DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!
 
WE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - CybersecurityWE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - Cybersecurity
 
The CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedThe CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the Unexpected
 
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
 
Cyber Security Career Advice
Cyber Security Career AdviceCyber Security Career Advice
Cyber Security Career Advice
 
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonNavigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
 
BSides Manchester
BSides ManchesterBSides Manchester
BSides Manchester
 
WE16 - How to Lead a Double Life
WE16 - How to Lead a Double LifeWE16 - How to Lead a Double Life
WE16 - How to Lead a Double Life
 
Accenture presentation sydney
Accenture presentation sydneyAccenture presentation sydney
Accenture presentation sydney
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your Job
 
WE16 - The State of Women in Engineering
WE16 - The State of Women in EngineeringWE16 - The State of Women in Engineering
WE16 - The State of Women in Engineering
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?
 
Digital dandelion ppt template
Digital dandelion ppt templateDigital dandelion ppt template
Digital dandelion ppt template
 
CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017
 
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
 

More from Accenture Technology

More from Accenture Technology (20)

Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + Workday
 
Accenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Labs Innovation Stories
Accenture Labs Innovation Stories
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP Solutions
 
Highlights on the five key trends
Highlights on the five key trendsHighlights on the five key trends
Highlights on the five key trends
 
Helping you get back to the workplace confidently
Helping you get back to the workplace confidentlyHelping you get back to the workplace confidently
Helping you get back to the workplace confidently
 
Driving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldDriving Workday transformation in a virtual world
Driving Workday transformation in a virtual world
 
Accenture + Red Hat
Accenture + Red HatAccenture + Red Hat
Accenture + Red Hat
 
Accenture and Mercedes Case Study
Accenture and Mercedes Case StudyAccenture and Mercedes Case Study
Accenture and Mercedes Case Study
 
Accenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: Infographic
 
Accenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: Overview
 
Accenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and Me
 
Accenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNA
 
Elevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayElevating the Workforce Experience with Workday
Elevating the Workforce Experience with Workday
 
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAutomating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
 
Technology Vision for SAP 2019
Technology Vision for SAP 2019Technology Vision for SAP 2019
Technology Vision for SAP 2019
 
Technology Vision 2019 for Workday
Technology Vision 2019 for WorkdayTechnology Vision 2019 for Workday
Technology Vision 2019 for Workday
 
Accenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for Pega
 

Recently uploaded

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 

Recently uploaded (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

The Cyber Security Leap: From Laggard to Leader

  • 1. The Cyber Security Leap: From Laggard to Leader April 2015
  • 2. 2Copyright © 2015 Accenture All rights reserved. 2Copyright © 2015 Accenture All rights reserved. How do some organizations achieve better security performance? We compared organizations that were able to “leapfrog” their security effectiveness against others that remained static. Defining a Leapfrog organization Key findings Implications About the research
  • 3. 3Copyright © 2015 Accenture All rights reserved. 3Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015 • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Strategy Technology Governance
  • 4. 4Copyright © 2015 Accenture All rights reserved. 4Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy Strategy Governance • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Technology Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015
  • 5. 5Copyright © 2015 Accenture All rights reserved. 5Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Strategy Technology Governance Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015
  • 6. 6Copyright © 2015 Accenture All rights reserved. 6Copyright © 2015 Accenture All rights reserved. Organizations with static security effectiveness demonstrated different characteristics • Operate security under a veil of stealth, secrecy and underfunding • Prioritize external threats • Focus on prevention rather than quick detection or containment • Drive security investments by compliance with regulations and policies • View security as diminishing employee productivity • Believe security budgets are inadequate for meeting the company’s security mission
  • 7. 7Copyright © 2015 Accenture All rights reserved. 7Copyright © 2015 Accenture All rights reserved. Leapfrog organizations value innovation as a way to strengthen their security posture Higher value placed on security innovation 33% Higher level of security innovation change in the past two years 45% More security innovation 20%
  • 8. 8Copyright © 2015 Accenture All rights reserved. 8Copyright © 2015 Accenture All rights reserved. Establishing a security strategy as a business priority separates Leapfrog from Static organizations Security and business objectives aligned 70% 55% 69% 45% 63% 40% Security is priority Security strategy exists LEAPFROG STATIC LEAPFROG STATIC LEAPFROG STATIC
  • 9. 9Copyright © 2015 Accenture All rights reserved. 9Copyright © 2015 Accenture All rights reserved. Security outsourcing is often a component of Leapfrog organization strategies Outsourcing core security operations can greatly increase security effectiveness by providing access to advanced technology and expert resources. Leapfrog Static Has strategy & does not outsource security operations 23% 15% 55% 32% Has strategy & outsources security operations
  • 10. 10Copyright © 2015 Accenture All rights reserved. 10Copyright © 2015 Accenture All rights reserved. Leapfrog organizations proactively use advanced technologies to secure their network and cloud environments LeapfrogStatic (Rankings on a 10 point scale, 1 = low; 10 = high) Secure (encrypt) data stored in cloud environments 7.186.00 Establish security protocols over big data 6.334.94 Pinpoints anomalies in network traffic 8.557.45 Provide advance warning about threats and attackers 8.277.56
  • 11. 11Copyright © 2015 Accenture All rights reserved. 11Copyright © 2015 Accenture All rights reserved. Leapfrog organizations focus more on securing network, sensitive data and the cloud; Static organizations focus more on locking things down. Control insecure mobile devices including BYOD 7.167.76 Limit insecure devices from accessing security systems 6.037.18 LeapfrogStatic (Rankings on a 10 point scale, 1 = low; 10 = high)
  • 12. 12Copyright © 2015 Accenture All rights reserved. 12Copyright © 2015 Accenture All rights reserved. Establishing strong governance and controls supports Leapfrog security effectiveness Important governance components include dedicated budget, use of benchmarks and metrics and regular communications with board of directors. Metrics to evaluate security operations 20% 26% Enterprise risk management procedures 35% Regular reporting to the board of directors 34% Benchmark Security operations
  • 13. 13Copyright © 2015 Accenture All rights reserved. 13Copyright © 2015 Accenture All rights reserved. The CISO role in Leapfrog organizations reflects the importance placed on security While both types of organizations have a CISO, the level of responsibility is notably different. CISO defines security strategy and initiatives Leapfrog 71% Static 60% CISO directly reports to a senior executive 71% 58% CISO is accountable for budgets or discretionary spending 65% 55%
  • 14. 14Copyright © 2015 Accenture All rights reserved. 14Copyright © 2015 Accenture All rights reserved. Security effectiveness can be notably improved over a short period of time, by applying lessons learned from three priority areas Strategy Technology Governance
  • 15. 15Copyright © 2015 Accenture All rights reserved. 15Copyright © 2015 Accenture All rights reserved. Suggestions for developing or improving your security strategy • Establish a security strategy that encourages innovation, has dedicated budget and programs, a strong eco-system and a clear vision for how innovation gets on-boarded into production. • Develop the ability to adapt quickly and proactively to the changing threat landscape • Help the organization embrace digital disruption • Align security and organizational priorities • Treat security as a business priority
  • 16. 16Copyright © 2015 Accenture All rights reserved. 16Copyright © 2015 Accenture All rights reserved. Suggested areas for technology focus • Seek out technology and capabilities that enhance the user experience and productivity • Balance prevention, detection and response better—lessen the focus on prevention • Better exploit data within the organization to gain an advantage in detection and response times—move toward security intelligence
  • 17. 17Copyright © 2015 Accenture All rights reserved. 17Copyright © 2015 Accenture All rights reserved. Governance measures to improve performance • Foster a working relationship between CISO and the board to take effective action; educate and collaborate to articulate and prioritize business risk • Use benchmarks and metrics to continually assess the strategy and evolve the organization’s posture • Outsource security operations as appropriate for best use of available expert resources • Eliminate fire-fighting and use resources effectively
  • 18. 18Copyright © 2015 Accenture All rights reserved. 18Copyright © 2015 Accenture All rights reserved. Organizations studied represent various industries and sizes across NA, Europe, Middle East and Asia Pacific 16% 14% 14% 10% 8% 9% 6% 6% 5% 5% 4% 4% 9% 11% 28% 24% 18% 11% Less than 1,000 1,000 to 5,000 5,001 to 10,000 10,001 to 25,000 25,000 to 75,000 More than 75,000Financial services Industries represented Organization size Public sector Services Retail Energy and utilities Industrial Health & pharmaceutical Consumer Technology and software Transportation Other Hospitality Education and research, 1% Communications, 1%
  • 19. 19Copyright © 2015 Accenture All rights reserved. 19Copyright © 2015 Accenture All rights reserved. For more information, visit: accenture.com/cybersecurity 19Copyright © 2015 Accenture All rights reserved.

Editor's Notes

  1. Leapfrog companies place a 33% greater value on security innovation. Leapfroggers rate the importance of security innovation as 8.1, while static companies rate it as 6.1 on average. Furthermore, 36% of leapfroggers have a dedicated budget for security innovation, compared to only 21% of static companies. So leapfroggers are 71% more likely to value security innovation.
  2. Leapfroggers place a 20% higher value on the importance of using metrics: The importance of deploying metrics is rated at 7.8 by leapfroggers vs. 6.5 by static companies.