Professional Documents
Culture Documents
Accenture Cybersecurity Report 2020
Accenture Cybersecurity Report 2020
INNOVATE
FOR CYBER
RESILIENCE
LESSONS FROM LEADERS TO MASTER
CYBERSECURITY EXECUTION
CONTENTS
ABOUT THE AUTHORS ...................................3 WHY LEADERS ARE MORE SUSTAIN WHAT THEY HAVE
CYBER RESILIENT ........................................ 16 Maintain existing investments ................ 38
SECURE INNOVATION....................................4 Stop more attacks....................................18 Perform better at the basics ...................39
AT A GLANCE .................................................5 Find breaches faster ...............................20
Fix breaches faster.................................. 22 MASTERING CYBERSECURITY
THE STATE OF CYBER RESILIENCE................. 7 EXECUTION................................................. 40
Reduce breach impact............................ 24
WHERE ARE WE NOW? ABOUT THE RESEARCH ............................... 41
WHAT MAKES LEADERS SUCCESSFUL ........ 27
Investment in innovation grows ............... 8 Our methodology ...................................43
The basics seem better............................. 9 INVEST FOR OPERATIONAL SPEED Demographics......................................... 45
Progress masks hidden threats............... 10 Prioritize moving fast .............................. 28 Reporting structure.................................46
Unsustainable cost increases ..................12 Choose turbo-charging technologies ....30 Budget authorization .............................. 47
Security investments are failing ..............14
DRIVE VALUE FROM NEW INVESTMENTS
Scale more .............................................. 32
Train more ............................................... 34
Collaborate more ....................................36
Kelly leads the Accenture Security business Ryan leads the North America practice for Paolo leads the Europe and Latin America
globally. With more than 25 years of security Accenture Security. He is responsible for nurturing practice for Accenture Security. He has 20 years
industry experience, Kelly specializes in breach the talented teams that bring transformative of experience leading complex projects for
incident response, identity management, privacy solutions to better defend and protect our clients. Accenture clients. He is an expert in security
and data protection, secure software development, Over the course of nearly two decades, He has strategy, business resilience, cyber defense and
and cyber risk management. His role as the worked with Accenture clients in the commercial, offense, cloud protection, security analytics, threat
Accenture Security lead spans strategic consulting, non-profit and public sectors helping them identify intelligence, application security, data protection
proactive risk management and digital identity and implement emerging technology solutions and managed security services. He has authored
to cyber defense, response and remediation to meet their business needs. Ryan is a Ponemon several articles on security and is a frequent
services, and managed security services—across Institute Fellow and is active with the Greater speaker at security events. Paolo taught information
all industries. Kelly is also affiliated to OASIS, a Washington Board of Trade. and communication technology (ICT) security at
non-profit consortium that drives the development, the Universities of Udine, Modena and Milan.
convergence, and adoption of open standards for Twitter: https://twitter.com/Labsguy
the global information society. Twitter: https://twitter.com/Paolo_DalCin
Twitter: https://twitter.com/ckellybissell
At first glance, the basics of cybersecurity are distinct groups: the first an elite group—17 What is one key to secure innovation? Leaders
improving and cyber resilience is on the rise. Our percent—that achieve significantly higher levels show us that they scale, train and collaborate
latest research shows that most organizations are of performance compared to the rest. These more. So, while non-leaders measure their
getting better at preventing direct cyberattacks. organizations set the bar for innovation and success by focusing on the destination —
But in the shape-shifting world of cybersecurity, achieve high-performing cyber resilience. The improved cyber resilience—the leaders focus
attackers have already moved on to indirect second is the group forming the vast majority of on how to get there using warp speed to detect,
targets, such as vendors and other third parties our sample—74 percent—who are average mobilize and remediate.
in the supply chain. It is a situation that creates performers, but far from being laggards in cyber
In the Accenture Third Annual State of Cyber
new battlegrounds even before they have resilience. This second group has lessons to learn
Resilience report we take a deep dive into what
mastered the fight in their own back yard. At the from our leaders while leaders, too, have further
sets leaders apart. Based on our research among
same time, cybersecurity cost increases are room for improvement.
4,644 executives and backed by our knowledge
reaching unsustainable levels and, despite the
Being innovative in security is different to any and deep industry expertise, our findings aim to
hefty price tags, security investments often fail
other aspect of the business. Caution is help organizations innovate securely and build
to deliver. As a result, many organizations face
necessary. After all, a fail fast approach is not an cyber resilience to help grow with confidence.
a tipping point.
option for security where attack vulnerabilities
In this cybersecurity report, we show how
There is good news for organizations wondering could be catastrophic. Growing investments in
organizations are coping with cybersecurity
if they will ever move beyond simply gaining innovation illustrate organizations’ commitment
demands since our last analysis and explore
ground on the cyber attacker. Our analysis to prevention and damage limitation. And it is
what our large sample of non-leaders can do
reveals there is a group of standout organizations here that leaders excel. By focusing on the
to master cybersecurity execution and drive
that appear to have cracked the cybersecurity technologies that provide the greatest benefit
innovation success.
code for innovation. Detailed modeling of and sustaining what they have, they are finding
cybersecurity performance has identified two themselves moving fast and first in the race to
cyber resilience.
resilience?
strategies to respond quickly to threats,
so it can minimize the damage and
continue to operate under attack. As
a result, the cyber-resilient business
can introduce innovative offerings and
business models securely, strengthen
customer trust, and grow with
confidence.
The number of Direct attacks are Indirect attacks Sixty-nine percent Failures lead to
leaders spending down 11 percent over against weak links in say staying ahead gaps in protection,
more than 20 percent the last year and the supply chain now of attackers is a lower detection
of IT budgets on security breaches are account for 40 percent constant battle rates, longer business
advanced technology down by 27 percent. of security breaches. and the cost is impact and more
investments has unsustainable. customer data loss.
doubled in the last
three years.
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 8
WHERE ARE WE NOW?
11%
cybersecurity tools have advanced significantly improved levels of cybersecurity protection over
over the past few years and are noticeably the past year. For example, the total number of
improving their organization’s cyber resilience. cyberattacks dropped 11 percent, from 232 to
206 targeted attacks. At the same time, we have
Improvements in basic security hygiene back up seen a larger drop of 27 percent in the number of
this finding. Being able to accurately assess the security breaches which indicates the basics
number of cyberattacks against an organization seem to be improving. On average, organizations
depends on the ability of each organization to now face 22 security breaches per year SECURITY BREACHES
27%
detect them. On the other hand, security compared with 30 in the previous year.
breaches are real events and likely to be more
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 10
Lock the front As we have seen earlier, as soon as one
breach avenue has been foiled, attackers
Given finite security resources, there is
value in a data-driven, business-focused,
and back doors are quick to find other means. With the
growth in indirect attacks, the spotlight
tiered-risk approach to secure the
enterprise ecosystem. This may mean
falls on protecting third parties and introducing managed services to help
other partners. But there are enormous the organization tackle the wider scope
challenges in managing third-party and scale. By collaborating more
cyber risks. Large volumes of data can broadly with others with the common
overwhelm the teams responsible for goal of securing the enterprise and its
managing compliance. The complexities ecosystem, organizations can not only
of global supply chains, including the play a responsible role in helping their
regulatory demands of various regions smaller partners to beat cybercrime, but
or countries, add to the strain. In our also they can be sure they are not
experience, many CISOs feel that the bolting the front door from attackers
sizable number of vendors outstrips their while leaving the back door wide open.
capacity to monitor them.
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 12
How to help Cybersecurity is not an easy problem to
solve for any business. As our research
could perform at the same level as
leaders—that is, having the same
cost of a
the areas where organizations can make a leaders—our detailed modeling indicates
difference is in reducing cost—both in they could reduce the cost per attack by
cyberattack
terms of the cybersecurity protection cost 72 percent (see About the Research,
to the business and the wider economic p.44). This is a potential saving of
impact. In short, they need to be clear US$273,000 per security breach,
what is at stake for average performance reducing the average cost to US$107,000.
as well as measuring their existing With an average 22 incidents per year,
investments. this equates a potential saving of US$6
million per year for non-leaders.
Our research found that the current
average cost per attack for non-leaders
was US$380,000 per incident. If they
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 14
Building cyber resilience takes teamwork. clearly is an area where non-leaders could
Employees, third-party suppliers, alliance improve their performance significantly.
partners, law enforcement agencies and even
Despite suffering from more frequent attempts
competitors all have their parts to play. However,
to access customer records, only 15 percent of
the first line of defense in an organization is the
leaders have had more than 500,000 customer
cybersecurity team. On average, our research
records exposed through cyberattacks in the last
shows the security teams of non-leaders discover
12 months. But 44 percent of non-leaders admit
54 percent of cybersecurity breaches, while the
that more than 500,000 customer records were
security teams of leaders were able to find 83
exposed across all security breaches in the last
percent. This level of detection enables leaders
year. The result is that 19 percent of non-leaders
to respond quickly and start to fix security
faced regulatory actions in the last 12 months
breaches sooner to reduce overall damage.
compared with only 13 percent of leaders.
A failure to fully exploit advanced technology Another outcome of this finding is that 19
investments is also having an impact in terms of percent of non-leaders faced financial penalties
remediation. More than half of all security compared with only 9 percent of leaders. With
breaches (55 percent) for leaders had a business potential fines in excess of US$100 million for
impact lasting more than 24 hours. For non- violations of general data protection regulations
leaders, the figure was 93 percent. Reducing the (GDPR), regulatory fines may match, or even
impact on the organization to less than one day exceed, the overall cost of cybercrime for an
is a tough challenge, even for leaders, but this organization.
4x 4x 3x 2x
Leaders have nearly Leaders have a fourfold Leaders have nearly Leaders have a twofold
a fourfold advantage advantage in detection a threefold advantage advantage in containing
in stopping targeted speed. in speed of remediation. damage impact.
cyberattacks.
Detailed modeling and statistical analysis of Figure 5. The defining characteristics of leaders in cybersecurity performance
cybersecurity performance (see our
methodology in “About the research” p.17) has
identified a group of leaders that achieve CHARACTERISTICS LEADERS (17%) NON-LEADERS (74%)
significantly higher levels of performance
compared with the non-leaders. The statistical
analysis revealed that leaders were characterized Stop more
1 in 27 attacks breach security 1 in 8 attacks breach security
attacks
as among the highest performers in at least three
of the following four categories: stop more
attacks, find breaches faster, fix breaches faster Find breaches
and reduce breach impact (Figure 5). 88% detect breaches in less than one day 22% detect breaches in less than one day
faster
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 17
WHY LEADERS ARE MORE CYBER RESILIENT
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 18
Leaders TAKE ACTION
have nearly
The performance target for non-leaders is
to reduce the number of cyberattacks that
result in a security breach from 1-in-8 to
a fourfold 1-in-27 or better.
advantage
When attempting to reduce the number
of security breaches, leaders say they
in stopping
benefit most from using the following
three cybersecurity technologies:
Next-Generation Firewall (NGF);
targeted Security Orchestration Automation and
Response (SOAR) and Privileged Access
22%
12% 15%
2%
0%
Less than one day 1–7 days 1–4 weeks More than one month
Leaders Non-leaders
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 20
Leaders have TAKE ACTION
a fourfold
The performance target for non-leaders
is to reduce the average detection rate for
a security breach from up to seven days
advantage or more to less than one day.
in detection
When attempting to find security
breaches faster, leaders say they benefit
speed
most from using the following three
cybersecurity technologies: Artificial
Intelligence (AI), Security Orchestration
Automation and Response (SOAR) and
Next-Generation Firewall (NGF). See page
26 for more on the specific technologies
that benefit leaders.
4% 3% 1%
0%
15 days or less 16–30 days 31–60 days 61–90 days More than 90 days
Leaders Non-leaders
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 22
Leaders TAKE ACTION
have nearly
The performance target for non-
leaders is to reduce the average time to
remediate a security breach from up to a
a threefold month or more to 15 days or less.
advantage
Leaders, when finding security breaches
faster, say they benefit most from
in speed
using the following three cybersecurity
technologies: Security Orchestration
Automation and Response (SOAR),
of remediation Artificial Intelligence (AI) and Next-
Generation Firewall (NGF). See page 26
for more on the specific technologies
that benefit leaders.
a twofold
The performance target for non-leaders
is to ensure at least three out of five security
breaches have no impact or only a minor impact.
advantage in When trying to limit the impact of security
containing
breaches, leaders say they benefit most from
using the following three cybersecurity
damage impact
technologies: Artificial Intelligence (AI), Next-
Generation Firewall (NGF) and Security
Orchestration Automation and Response
(SOAR). See page 26 for more on the specific
technologies that benefit leaders.
#1
#1
#2
#2
#3 #4
#4
Cost reduction #1 #2 #3 #4
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 26
WHAT MAKES LEADERS
SUCCESSFUL
Invest for Drive value Sustain
operational from new what they
speed (p.28) investments (p.32) have (p.38)
Leaders prioritize moving Leaders scale more, train Leaders place more
fast and choose turbo- more and collaborate more emphasis on maintaining
charging technologies to to increase the value from existing investments
help them get there. innovative technology. and perform better at the
basics of cybersecurity.
Leaders Non-leaders
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 29
INVEST FOR OPERATIONAL SPEED
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 31
DRIVE VALUE FROM NEW INVESTMENTS
Scale more
The rate at which organizations scale investments Protect more key assets
across their business has a significant impact on
their ability to defend against attacks. The leaders The ability to scale is an important factor in the TAKE ACTION
reach of security programs. The cybersecurity
best at scaling technologies—defined as 50 percent
or more tools moving from pilot to full-scale programs for the best at scaling actively protect
three-quarters of all key assets in the
Non-leaders should
deployment—perform four times better than their
counterparts (Figure 12). For the leaders best at organization. The rest cover only one-half of their consider scaling fast, like
scaling, only 5 percent of cyberattacks resulted in key assets. It is little surprise that 86 percent of the leaders, to realize how
leaders agreed new cybersecurity tools are
a security breach. For the non-leaders, 21 percent
increasing the reach of cybersecurity coverage effective investments in
of cyberattacks resulted in a security breach.
for their organizations. new security technologies
Better security team detection
can be in improving
security team detection
Security teams are also more effective for
organizations who scale more of their technology rates and protecting more
investments. For those best at scaling, security key assets—but only when
teams discovered almost three-quarters of
cybersecurity attacks against their organizations
they are fully deployed
compared with only one-half of all cyberattacks across the enterprise.
for their counterparts.
Scale more
Figure 12. The percentage of the security tools piloted then scaled and used
throughout the enterprise
60%
50% or more scaled
48%
29%
25–49% scaled
40%
11%
0–24% scaled
12%
Leaders Non-leaders
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 33
DRIVE VALUE FROM NEW INVESTMENTS
Train more
Training is another area where most organizations Protect more key assets
can make significant improvements. When asked
about security tools adopted by their organization Introducing new tools means that training is TAKE ACTION
essential to get the best out of them. For the
that require training, 30 percent of leaders
provided training for more than three-quarters of best at training, 85 percent of their organization
is actively protected by their cybersecurity
Non-leaders should
users when it was needed, versus just 9 percent
of non-leaders (Figure 13). For the best at training, program. The rest protect only 56 percent of consider training more,
only 6 percent of cybersecurity attacks resulted their organization through their cybersecurity like the leaders, to make
program.
in a security breach compared with an average of security tools more
11 percent for the rest. Clearly, there is room for
leaders and non-leaders to improve their effective. They could
performance by training more. benefit from better
Faster at discovering and fixing breaches protection of more key
The speed with which organizations find security assets along with faster
breaches is faster for those who provide higher discovery and remediation
levels of training. The best at training found 52
percent of security breaches in less than 24
of breaches.
hours, compared with only 32 percent for the
rest. How long it takes to remediate a security
breach is also an aspect of better training. For
the leaders in training, 65 percent of all security
breaches are remediated within 15 days.
Train more
Figure 13. The percentage of users who receive training when needed
for new security tools adopted by an organization
30%
More than 75%
9%
33%
51%–75%
31%
32%
25%–50%
53%
5%
Less than 25%
8%
Leaders Non-leaders
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 35
DRIVE VALUE FROM NEW INVESTMENTS
Collaborate more
When asked about the importance of Threat intelligence plays a key role in ways to
collaboration, 79 percent of respondents agreed collaborate for leaders. Leaders focus more on
collaborations with other organizations, knowledge sharing with partners and sharing TAKE ACTION
government bodies and the wider security threat information among the security ecosystem
community will be one of the essential weapons in their top five ways of collaborating with Non-leaders should
organizations will need to combat cyberattacks
in the future. The organizations best at
partners (Figure 14).
consider collaborating
collaborating—the ones using more than five more, like the leaders.
methods to bring together strategic partners, They could realize a better
security community, cybersecurity consortiums,
and an internal task force to increase return on technology
understanding of cybersecurity threats—are two investments with a
times better at defending against attacks than
others. Organizations that collaborate more have
better containment of
a breach ratio of 6 percent against an average business impact and
of 13 percent for the rest. greater protection for key
assets and the extended
ecosystem.
Collaborate more
Figure 14. Main ways that organizations that are best at collaborating work with partners
Leaders Non-leaders
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 37
SUSTAIN WHAT THEY HAVE
Leaders
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 38
SUSTAIN WHAT THEY HAVE
Leaders Non-leaders
Source: Accenture Research; n=4,644
Copyright © 2020 Accenture. All rights reserved. 1 www.accenture.com/us-en/insight-data-achieving-centric-security-2017 39
MASTERING
CYBERSECURITY
EXECUTION
A core group of leaders has shown that cyber in advanced technologies has doubled in the
resilience is achievable and can be reproduced.
By investing for operational speed, driving value
last three years. The combined result is a new
level of confidence from leaders in their ability
Test your own
from these investments, and sustaining what to extract more value from these investments— cybersecurity
they have, they are well on the way to mastering
cybersecurity execution.
and by doing so, exceed the performance
levels of the non-leaders.
leadership
Ask your Accenture contact if you would
Leaders often take a more considered With two out of five cyberattacks now indirect,
like to undertake the Accenture Security
approach to their use of advanced organizations must look beyond their own
Diagnostic to benchmark your
technologies by choosing those which help four walls to their broader ecosystems. They
organization’s cybersecurity program
deliver the speed of detection and response should become masters of cybersecurity
capabilities against those of your peers
they need to reduce the impact of execution by stopping more attacks, finding and
in a personalized report.
cyberattacks. And once they do decide to fixing breaches faster and reducing breach
invest, they scale fast—the number of leaders impact. In this way, they can not only realize
spending more than one-fifth of their budget security innovation success, but also achieve
greater cyber resilience.
1 2
Accenture Security surveyed 4,644 executives to
understand the extent to which organizations
prioritize security, how comprehensive their STOP MORE FIND BREACHES
security plans are, and how their security ATTACKS FASTER
investments are performing. The executives
represent organizations with annual revenues of The ratio of security breaches The percentage of the group
US$1 billion or more from 24 industries and 16 over attempted attacks that detect a breach in less
countries across North and South America,
Europe and Asia Pacific. received by each group. than one day.
The first step of our approach was to determine
the characteristics of high-performance
cybersecurity. We developed a list of dimensions
3 4
that set leaders apart and which help leaders have
a positive impact on reducing the overall cost of
cybercrime. Our analysis determined leaders as FIX BREACHES LOWER BREACH
those companies that exhibit high-performance FASTER IMPACT
in at least three of these dimensions:
Stop more attacks The percentage of the group The percentage of no impact
Find breaches faster that fix a breach in less than and minor impact attacks
Fix breaches faster 15 days. received by each group.
Lower breach impact
Our methodology
We then conducted a series of “what if” Figure 17. A formula to assess the cost of cybercrime
experiments to explore the return on investment
of improving these cybersecurity practices. We
created a formula to assess the cost of
cybercrime for a company: the average cost per
attack, multiplied by the total number of attacks.
Cost of
The average cost per attack was the total of the Average cost Total number
cybercrime for
daily cost of an attack by damage type, by the per attack of attacks
days to detect and fix an attack of this damage
a company
type, by the proportion of attacks for this
damage type. The total number of attacks 4
consisted of the security breach ratio by the total Daily cost
of an attack Days to detect Proportion of Successful Total
attempted breaches. of damage and fix an attack attacks of breach ratio attempted
type i of damage type i damage type i breaches
The average cost per attack was the total of i=1
the daily cost of an attack by damage type, by
the days to detect and fix an attack of this Cost of an attack of damage type i
damage type, by the proportion of attacks for
this damage type. The total number of attacks
consisted of the security breach ratio by the
total attempted breaches (Figure 17).
Note: all variables come from our survey comprising data for 4,644 organizations.
We assume variables in grey to remain constant. Damage type includes attacks that are:
Copyright © 2020 Accenture. All rights reserved. (1) Significant, (2) Moderate, (3) Minor and (4) No impact. 43
ABOUT THE RESEARCH
Our methodology
Our modeling simulations estimate the value Figure 18. Cost reduction per attack if non-leaders perform as leaders
to non-leaders of improving cybersecurity
performance to the level of a leader could
reduce the cost per incident by 72 percent. This
equates to US$273,000 potential savings on
average (Figure 18). $380,000 –72% =
–US$ 273,000
Average cost
per attack for
non-leader
companies* $107,000
-61%
-11%
Demographics
3RD 16
Australia Netherlands
Brazil Norway
US$1B+
Canada Portugal
France Singapore
Germany Spain
ANNUAL Revenues
Ireland United Kingdom
Italy United States
24 4644
Aerospace Health Pharma
Automotive Provider Retail
Banking Health Payer Telecom
Biotech High Tech Travel
Capital Industrial Software
Markets Insurance US Federal
Chemicals Life Sciences Utilities
Consumer Media
Reporting structure
The reporting structure, the influence of the Figure 19. Direct reports for research respondents
C-suite and Board and who manages the budget
have always been important considerations in
any cybersecurity program. Our 4,644 executives
highlighted that:
Budget authorization
The impact of budget approval continues to Figure 20. Cybersecurity budget authorization for research respondents
vary. The CEOs/Executive team’s influence is
steady, nudging down just a few points from
last year’s findings. The Board, however, is at
32%
around one-third of the level of participation in CEO/Executive Committee
26%
budget approval compared with last year. To
9%
compensate for this, CISO, CFO and CIO budget CISO/Chief Security Officer
16%
authorization is up by 5 to 10 points each over the
27%
year. While CEOs and the executive committee Board of Directors
8%
continue to be actively involved in cybersecurity
12%
governance; for many, this suggests budget Chief Financial Officer
21%
approvals seem to be moving toward more
6%
of a business-as-usual activity (Figure 20). Chief Information Officer
13%
11%
Chief Operating Officer
5%
1%
Chief Risk Officer
5%
1%
Functional leadership
3%
Chief Data Officer 0%
3%
Last ye
year All-Now
Copyright © 2020 Accenture. All rights reserved. Source: Accenture Research; n=4,644 47
About Accenture About Accenture Security About Accenture Research
Accenture is a leading global professional Accenture Security helps organizations build Accenture Research shapes trends and creates
services company, providing a broad range of resilience from the inside out, so they can data driven insights about the most pressing
services and solutions in strategy, consulting, confidently focus on innovation and growth. issues global organizations face. Combining the
digital, technology and operations. Combining Leveraging its global network of cybersecurity power of innovative research techniques with a
unmatched experience and specialized skills labs, deep industry understanding across client deep understanding of our clients’ industries,
across more than 40 industries and all business value chains and services that span the security our team of 300 researchers and analysts
functions—underpinned by the world’s largest lifecycle, Accenture protects organization’s spans 20 countries and publishes hundreds of
delivery network—Accenture works at the valuable assets, end-to-end. With services that reports, articles and points of view every year.
intersection of business and technology to help include strategy and risk management, cyber Our thought-provoking research—supported by
clients improve their performance and create defense, digital identity, application security proprietary data and partnerships with leading
sustainable value for their stakeholders. With and managed security, Accenture enables organizations, such as MIT and Harvard—guides
approximately 505,000 people serving clients businesses around the world to defend against our innovations and allows us to transform
in more than 120 countries, Accenture drives known sophisticated threats, and the unknown. theories and fresh ideas into real-world
innovation to improve the way the world works Follow us @AccentureSecure on Twitter solutions for our clients. For more information,
and lives. Visit us at www.accenture.com. or visit the Accenture Security blog. visit www.accenture.com/research.
Accenture, the Accenture logo, and other trademarks, service marks, and designs are registered or unregistered
trademarks of Accenture and its subsidiaries in the United States and in foreign countries. All trademarks are properties
of their respective owners. All materials are intended for the original recipient only. The reproduction and distribution
of this material is forbidden without express written permission from Accenture. The opinions, statements, and
assessments in this cybersecurity report are solely those of the individual author(s) and do not constitute legal advice,
nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates.