A recent report from Accenture revealed the growing challenges that today’s executives face in maintaining the balance between security investments and risk- to achieve cyber resilience.
As per Accenture’s “State of Cybersecurity Resilience Report 2021”, over 50% of all the large enterprises are failing to stop cyber-attacks, identify data breaches quickly or reduce the overall impact of breaches. The respondents witnessed a 31% increase in the average number of cyber-attacks per enterprise in the time span of 2020 and 2021. At the same time, over 80% of respondents reported an increase in their IT security budgets in 2020 alone. They stated that they saw a 15% increase in security investment of all IT spending on average. However, the significant increase in investment is still not able to relieve them from the issue of cybersecurity.
Nearly 80% of the surveyed respondents admitted that staying ahead of cyber-actors is a constant battle that incurs unsustainable costs compared to 69% of respondents in 2020. Improving organization-wide security measures, investing in safeguarding the infrastructure and training employees about the importance of cybersecurity can help organizations improve and potentially enhance their cyber resiliency.
Also Read: OT Security Risks of Taking R&R Approach
Another factor that seems to be bothering the respondents is cloud adoption. Although the digital transformation initiative is accelerating cloud adoption, a third of respondents stated that security had not been a part of initial cloud adoption discussions. They state poor governance, as well as compliance practices around cloud security, are a major area of concern, and that the complexity of cloud security makes it difficult since they do not possess the necessary skills internally to structure a proper cloud security framework. Thus, to tackle these issues, organizations should bring together the capabilities of cybersecurity, business continuity as well as enterprise resiliency.
They should actively take measures to embed security across the business ecosystem and apply fluid security strategies to respond to the threat quickly in an effort to minimize the damage and operate under attack. Being cyber resilient also enables businesses to introduce innovative offerings and business models that secure the value, strengthen the trust and confidence of customers.
Achieving cyber resilience requires organizations to provide the CISOs a seat on the board. Instead of letting them work in a security-focused environment, they should collaborate with their C-suite counterparts to enable them to understand business risks while the CISO becomes aware of organization-wide priorities.
While stopping the cyber-attacks altogether is not possible, implementing measures to prevent these events from happening is. They should monitor risks and reassess third-party vendor agreements to maintain cyber hygiene standards.
Organizations should prioritize cloud security to enable better outcomes and mitigate risk from the beginning. They should bring up the topic of security in the beginning of cloud adoption conversations rather than preserving it for the future.
Challenges related to cybersecurity are endless, but as they increase, investments in security solutions are on the rise. At the same time, the relationship between cloud and security continues to prove challenging, it is crucial that organizations continually assess their infrastructure and take a strategic approach to address them.
For more such updates follow us on Google News ITsecuritywire News