2018 State of Cyber Resilience Report - Ireland

2018 State of
Cyber Resilience
GAINING
GROUND
ON THE CYBER
ATTACKER
IRELAND

Organizations are improving cyber resilience and showing they can
perform better under greater pressure as the number of targeted attacks
more than doubles.
CLOSING THE GAP ON CYBER ATTACKS
Organizations reduced the rate
of successful attacks: From 30% to 13%.
In the past 12 months, how many attempted / successful breaches have you
identified and how many were successful?
Average.
2018
258
35
Targeted attacks
Security breaches
Ireland

14%
30%
45%
10%
24%
28%
22%
23%
Less than 50%
51%-65%
66%-75%
76% or more
2017 2018
13%
33%
46%
8%
17%
31%
21%
31%
Less than 50%
51%-65%
66%-75%
76% or more
2017 2018
Despite the rising number of cyber attacks, security teams continue to
identify nearly two-thirds of all breach attempts, 63% on average, and twice
as many of them are now able to detect 76% or more cyber attacks.
Proportion of cyber
attacks discovered
by security teams
Global
Global mean:
63%
Ireland mean: 70%
Ireland

5
66%
60%
58%
56%
53%
69%
61%
55%
52%
58%
Internally by our employees
Externally by a peer/competitor in
our industry
Externally by the media
White hats
Law enforcement
Copyright © 2018 Accenture Security. All rights reserved.
Collaboration is helping with attacks undetected by security teams.
Cyber attacks
discovered
outside of
security teams
For the breaches that are not detected by your security team, how do you most frequently learn about them? (Ranked top 3)
Global
Ireland

12% 43% 34% 11%Global
Less than one day 1-7 days 1-4 weeks More than one month
9% 49% 32% 10%q16
The majority of security teams are also more effective at finding security
breaches faster—from months and years to just days and weeks.
Improvements in detection speed
of security breaches
Thinking about the past year, how long, on average, did it take for a
successful breach to be detected?
Ireland

IMPROVING CYBER RESILIENCE
Cyber
Response
Readiness
Cyber Response Plans
Cyber Incident Escalation
Plans
Stakeholder Involvement
Cyber Incident
Communication
Recovery of Key Assets
Strategic
Threat Context
What-If Analysis
Peer Situation Monitoring
Business Relevant Threat
Monitoring
Threat Vector Monitoring
Resilience
Readiness
Recovery Ability
Design for Resilience
Exposure Driven Design
Continuous Improvement
Threat Landscape
Alignment
Governance &
Leadership
High Value Assets &
Business Processes
Physical & Safety Risks
Actual IT Support
Scenarios of Material
Impact
Key Protection
Assumptions
Business
Exposure
High Value Assets &
Business Processes
IT Risk Support
Cyber Attack Scenarios
Extended
Ecosystem
Contractual Dependability
Contractual Assurance
Regulatory Compliance
Focus
Operational Cooperation
Investment
Efficiency
Securing Future
Architecture
Protection of Key Assets
Security in Project
Funding
Security in Investment
Funding
Risk Analysis & Budgeting
Copyright © 2016 Accenture All rights reserved.
Cybersecurity Strategy
WE EVALUATED 33 CYBERSECURITY CAPABILITIES ACROSS SEVEN DOMAINS

Being better at detection, prevention and collaboration is not all that
security teams can be proud of—they have also realized an impressive 42
percent improvement in security capabilities.
Cybersecurity
capabilities rated
high performing
Capabilities rated
high performing:
2018 Global : 19
2018 Ireland: 23

In terms of delivering the next wave of improvements, it is easy to focus
exclusively on counteracting external attacks, but organizations should not
neglect the enemy within.
Most damaging security breaches
ranked by frequency and impact
28% of respondents ranked
‘External Attacks’ as having the
greatest impact on their
organization while 33% ranked
‘Internal Attacks’ as the most
frequent.

10
INTERNAL ATTACKS AND HACKER ATTACKS ARE THE MOST
FREQUENT ATTACKS AND CAUSE THE GREATEST IMPACT ON
THE ORGANIZATION
Among the types of breaches your organization has experienced,
please rank them from most to least frequent. (Ranked top 3)
70%
56%
44%
43%
39%
26%
24%
81%
49%
41%
41%
40%
27%
21%
Internal attack (e.g.,
malicious insiders)
Hacker attack
Accidentally published
information (e.g., insider
errors/failure to follow
processes and policies)
Configuration error that
affected security
Legacy infrastructure
that is challenging to
secure
Lost/stolen media
Lost/stolen computer
Among the successful breaches, please indicate which of the following
causes had the greatest impact on your organization. (Ranked top 3)
53%
51%
46%
39%
32%
22%
18%
56%
52%
47%
31%
26%
18%
15%
Internal attack (e.g.,
malicious insiders)
Hacker attack
Accidentally published
information (e.g., insider
errors/failure to follow
processes and policies)
Legacy infrastructure
that is challenging to
secure
Configuration error
Lost/stolen media
Lost/stolen computer
Global
Ireland

11
63%
57%
56%
56%
48%
47%
32%
76%
63%
52%
62%
49%
52%
27%
Corporate IT (all
systems in the
corporate office)
Cloud service providers
Customer or partner
environments (i.e.,
hosted websites,…
Operational
technologies (i.e.
manufacturing,…
Products and services
(i.e., wearables, xx)
Field operations
(branches, franchises,
subsidiaries)
Third parties
Organizations need to protect their most valuable assets, from the inside
out, and across the entire value chain.
Areas
cybersecurity
program is actively
protecting
Percentage of organization actively
protected by cybersecurity
program
Global: 67%
Ireland: 76%
Which of the following is your cybersecurity program actively protecting?
Multiple responses.
Global
Ireland

12Copyright © 2018 Accenture Security. All rights reserved.
Cybersecurity standards should extend beyond the organization.
Degree to which
ecosystem
partners are held
to cybersecurity
standards
Which of the following statements best represents the degree to which you hold your ecosystem partners and/or strategic partners to cybersecurity
standards?
Global
Ireland
6%
14%
16%
46%
18%
5%
16%
17%
50%
12%
We do not review cybersecurity standards of partners
We review cybersecurity standards of partners,
but do not impose any standards or requirements
We hold partners to a minimum standard for cybersecurity,
that is below our business standards, and audit regularly
We hold partners to the same cybersecurity standards
as our business, and audit regularly
We hold partners to higher cybersecurity standards
than our business

18%
34%
59%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
2016e 2017 2018 2019e 2020e 2021e
Global Measured capability average Filtered sample Log. (Global Measured capability average)Ireland
If the current rate of progress is maintained, organizations could reach a
sustainable level of cyber resilience in the next two to three years.
Forecast of average cybersecurity capabilities reaching a sustainable level of cyber resilience
Cyber resilience embedded into the business*
*Estimate based on current rate of
improvement 13

14
Cybersecurity investment is important to keep the momentum of improved
security resilience
Significant
increase in
investment
(double or more)
in cybersecurity
22%
31%
Global
Past 3 years Next 3 years
27%
33%
1
Past 3 years Next 3 years
Ireland

15Copyright © 2018 Accenture Security. All rights reserved.
Focusing on the right success measures ensures security objectives are
aligned with the business.
Measures of
success for
cybersecurity
programs
62%
57%
56%
53%
51%
42%
40%
38%
70%
54%
60%
49%
54%
43%
39%
40%
Cyber IT resiliency (i.e., how many times an enterprise
system went down and for how long)
Cyber recovery/restoration time (i.e., how long it takes to
restore normal activity)
Cyber response time (i.e., how long it takes to identify
and mobilize)
Cyber OT resiliency (i.e., how many times an operational
technology system stopped and for how long)
Cyber compliance with national standards
Trend measurement (incidents increasing/decreasing)
Repetition (portion of breaches that come from repeated
attempts of the same type)
Business risk improvement
How do you measure the success of your cybersecurity program?
Multiple responses.
Global
Ireland

16
55%
54%
48%
45%
45%
44%
43%
41%
40%
67%
60%
54%
46%
51%
45%
48%
43%
45%
IoT security
Security intelligence platforms
Blockchain
Threat hunting
Continuous control monitoring
and reporting
Managed security services
Machine learning/artificial
intelligence
Password-less authentication
Robotic process automation
(RPA)
Breakthrough technologies are essential to securing the organization’s
future and driving the next round of cyber resilience.
Emerging
technologies
organizations
invest in to
evolve
security
programs
New technologies such as artificial
intelligence, machine/deep
learning user behavior analytics,
blockchain, etc. are essential to
securing the future of the
organization.
Global: 83%
Ireland: 89%
In which of the following new and emerging technologies are you investing to evolve your security program?
Multiple responses.
Global
Ireland

0
0
0
0
0
124
0
0
0
0
0
0
0
0
0
0
0
20
0
15
0
5
5
5
15
20
5
11
0
0
5
5
6
7
46
35
21
12
10
0
0
0
0
0
0
18
THIS STUDY WAS FIELDED FEBRUARY 2018
0
4
27
36
57
Revenue Global Ireland
$50 bn or more 58
$20 bn-$49.9 bn 276
$10 bn-$19.9 bn 891
$6 bn-$9.9 bn 1,432
$1 bn-$5.9 bn 2,012
Location Global Ireland
Australia 401
Brazil 130
Canada 150
France 401
Germany 400
Ireland 124
Italy 302
Japan 400
Netherlands 115
Norway 114
Singapore 126
Spain 250
United Arab Emirates 132
United Kingdom 450
United States 1,174
Title Global Ireland
CIO 1513
Chief Security Officer 1429
Chief Compliance Officer 829
Chief Risk Officer 535
Chief Security Architect 133
Corporate Security Officer 78
Civilian - Political Appointee 50
Civilian - Senior Executive
Service (SES)
49
Civilian - GS-13 to GS-15 27
Military - Officer (O-7 to O-10) 23
Military - Officer (O-4 to O-6) 3
Industry Global Ireland
A&D Manufacturing 100
Automotive 101
Banking & Cap Markets 410
Chemicals 202
CG&S 410
Energy (Oil & Gas) 200
Healthcare (Payer) 100
Healthcare (Provider) 102
High Tech 411
Industrial Equipment 313
Insurance 411
Life Sciences 200
Media 252
Public Service (Federal) 255
Public Service (ST & Local) 198
Retail 411
Software & Platforms 221
Communications 158
Utilities 214

20
INFORMATION IS A KEY COMPANY ASSET PROTECTED BY THE
ORGANIZATION’S CYBERSECURITY STRATEGY
Which of the following are you addressing with your cybersecurity strategy?
Ranked top 3
48%
43%
35%
31%
31%
30%
30%
28%
25%
44%
42%
40%
34%
25%
29%
40%
27%
19%
Protecting organization information
Protecting customer information
Protecting organization reputation
Protecting employee privacy
Preventing service disruption
Mitigating against financial losses
Providing customer satisfaction
Protecting physical
infrastructures/assets
Mitigating against legal/compliance
issues
Global
Ireland

21
CONFIDENCE IS GENERALLY HIGH FOR CYBERSECURITY
EFFECTIVENESS
How confident are you in the effectiveness of each of the following for your organization?
40%
42%
42%
43%
42%
41%
43%
43%
43%
41%
45%
43%
42%
42%
42%
40%
40%
39%
39%
35%
Password Management
Infrastructure security
Asset management
Application Management
User Account Management
Physical security
Configuration and Change Management
Training and Awareness
Patch Management
3rd Party and Compliance
Confident Extremely confident
47%
42%
37%
40%
47%
40%
48%
44%
48%
36%
33%
41%
44%
42%
35%
31%
36%
44%
40%
36%
Password Management
Infrastructure security
Asset management
Application Management
User Account Management
Physical security
Configuration and Change Management
Training and Awareness
Patch Management
3rd Party and Compliance
Global Ireland

44%
44%
41%
40%
31%
40%
46%
40%
39%
41%
37%
45%
48%
36%
33%
37%
Monitor for breaches
Identify the cause of a breach
Manage reputational risk due to a cybersecurity
event
Measure the impact of a breach
Restore normal activity after a breach
Know the frequency of breaches
Manage financial risk due to a cybersecurity
event
Minimize disruption from a cybersecurity event
22
EXECUTIVES ARE VERY CONFIDENT ABOUT THEIR
CYBERSECURITY CAPABILITIES
How confident are you that your organization can do the following?
40%
41%
41%
41%
41%
40%
42%
41%
42%
42%
42%
42%
42%
41%
40%
39%
Monitor for breaches
Identify the cause of a breach
Manage reputational risk due to a cybersecurity
event
Measure the impact of a breach
Restore normal activity after a breach
Know the frequency of breaches
Manage financial risk due to a cybersecurity
event
Minimize disruption from a cybersecurity event
Confident Extremely confident
Global Ireland

Copyright © 2018 Accenture Security. All rights reserved. 23
ORGANIZATIONS RECOGNIZE THE RISKS ASSOCIATED WITH
ADOPTION OF NEW BUSINESS MODELS AND THE GROWING ROLE
OF NEW TECHNOLOGIES IN SECURING THE ORGANIZATION
Please indicate your agreement with each of the following statements:
Agree/Strongly agree
83%
83%
82%
72%
71%
89%
83%
85%
76%
71%
New technologies such as artificial intelligence,
machine/deep learning, user behavior
analytics, blockchain, etc. are essential to
securing the future of the organization.
Cybersecurity at our organization is completely
embedded into our culture.
As companies adopt new innovative business
models, ecosystems, liquid workforces, etc.,
the risk and security attack surface area
increases exponentially.
It is not possible to appear strong, prepared
and competent, if my organization is the victim
of a major security breach.
Cyberattacks are a bit of a black box; we do not
quite know how or when they will affect our
organization.
Global
Ireland

24
INTERRUPTION OF IT SERVICES IS THE MOST FREQUENTLY
CITED RESULT OF A BREACH AND CAUSES THE GREATEST LOSS
Which of the following has your organization experienced as a result of a
breach? Multiple responses.
55%
45%
44%
41%
39%
39%
38%
37%
35%
29%
62%
44%
56%
42%
46%
34%
40%
38%
38%
31%
Interruption of IT service/network down
Interruption of physical operations/shutdown of
assets (e.g., plants)
Intellectual Property (IP) data loss
Operational data loss/patent theft
Brand equity/reputation loss
Lost or stolen confidential information (M&A,
financial, IP)
Identity theft
Denial of service or access to systems
Financial loss
Credit card theft
Among those checked in the previous question, which one resulted in the
greatest loss to the business?
24%
13%
10%
9%
9%
9%
8%
8%
6%
3%
28%
11%
14%
6%
12%
6%
8%
10%
2%
2%
Interruption of IT service/network down
Interruption of physical operations/shutdown of
assets (e.g., plants)
Brand equity/reputation loss
Lost or stolen confidential information (M&A,
financial, IP)
Intellectual Property (IP) data loss
Operational data loss/patent theft
Denial of service or access to systems
Identity theft
Financial loss
Credit card theft
Global
Ireland

38% 36% 23% 4%Global
30 days or less 31-60 days 61-90 days More than 90 days
35% 38% 23% 4%1
25
MOST ORGANIZATIONS ARE ABLE TO REMEDIATE A BREACH IN
60 DAYS OR LESS
On average, how long does it take for you to remediate a breach?
Ireland

19%
15%
8%
14%
19%
12%
7%
12%
q20a_1
q20a_2
q20a_3
q20a_4
INVESTMENTS IN CYBERSECURITY TODAY WILL SECURE THE
FUTURE OF THE ORGANIZATION
How much does your organization spend on cybersecurity, as a percentage of each of the below?
Average % of budget dedicated to security
Global
Ireland
% of total IT budget
% of total OT budget
% of total annual revenue
% of operational costs

27
BUDGET AUTHORIZATION RESTS AT THE HIGHEST LEVELS OF
THE ORGANIZATION
Who authorizes your cybersecurity budget (i.e., how high in the organization do you have to go to get your budget approved)?
32%
27%
12%
11%
9%
6%
2%
23%
35%
23%
6%
7%
4%
3%
CEO/Executive Committee
Board of Directors
Chief Financial Officer
Chief Operating Officer
Chief Information Security Officer/Chief
Security Officer
Chief Information Officer
Others
Global
Ireland

28
WITH MORE BUDGET, SECURITY INVESTMENTS WOULD BE
DIRECTED TOWARD TECHNOLOGIES AND INNOVATIONS OVER
TRAINING
If you were given more budget for cybersecurity, how would you use it?
Up to three responses.
62%
59%
54%
52%
36%
13%
69%
60%
55%
44%
45%
15%
Filling known gaps in cybersecurity
technology
Adding new innovations in
cybersecurity
Filling known gaps in capabilities
(other than staffing and technology)
Filling security staffing gaps
Better reporting tools
End user training
Global
Ireland

29
CYBER SECURITY SPEND IS ON THE RISE AND IS EXPECTED TO
GROW OVER THE NEXT THREE YEARS
How recently has your organization
made a major transformational
investment (expenditure) in its
cybersecurity capability?
24%
45%
23%
7%
1%
19%
47%
24%
10%
1%
1 - Within the past six months
2 - Six months to one year
ago
3 - Between one and two
years ago
4 - Two or more years ago
5 - Not applicable, we have
not yet made a major
investment in cybersecurity
capabilities
Past 3 years with regard to cybersecurity.
31%
59%
9%
0%
0%
33%
58%
9%
0%
0%
1 - Significantly increase
(double or more)
2 - Increase modestly
3 - Stay the same
4 - Decrease modestly
5 - Significantly decrease
(decrease by half or more)
22%
65%
13%
1%
0%
27%
65%
7%
0%
1%
1 - Increased significantly
(doubled or more)
2 - Increased modestly
3 - Stayed the same
4 - Decreased modestly
5 - Decreased significantly
(decreased by half or more)
Next 3 years with regard to cybersecurity.
Global Ireland

ORGANIZATIONS RELY ON THEIR INTERNAL SECURITY
WORKFORCE BUT SUPPLEMENT WITH CONTRACTORS AND
OUTSOURCED STAFF
Percentage of Internal Security FTE as a percent of total
employees globally
Ireland Global
Security FTE:
Total FTE 1:37 1:35
Security FTE:
Contractors/
Consultants
6:1 5:1
Security FTE:
Outsourced 9:1 9:1
0.73%
0.71%
0.70%
0.67%
0.66%
0.74%
0.61%
0.73%
0.65%
0.57%
Security operations
Digital identity
Security Strategy and
leadership PMO
Security architecture
and engineering
Risk and compliance
Global Ireland

31
GAPS WITHIN ORGANIZATIONS ARE MOSTLY IN CYBER THREAT
ANALYTICS AND SECURITY MONITORING
Which of the following capabilities/solutions are most needed in your organization to fill gaps in your cybersecurity?
Multiple responses.
46%
46%
44%
40%
40%
39%
38%
35%
33%
33%
33%
31%
28%
24%
24%
55%
48%
48%
47%
39%
49%
35%
35%
31%
41%
41%
38%
31%
23%
24%
Cyber threat analytics
Security monitoring
Network security
Risk management
Artificial Intelligence/security…
Threat intelligence
OT-related security
Application security
Incident response
End point security
Next generation Identity
Encryption
Vulnerability management
Staffing
Remediation
Global
Ireland

EXECUTIVES RECOGNIZE THE GROWING NEED TO SPREAD
RESPONSIBILITY FOR CYBERSECURITY ACROSS MULTIPLE
SUPPLIERS
Please indicate the way in which your organization tends to source your cybersecurity program today:
Please indicate the way in which you expect your organization WILL source your cybersecurity program in three years:
Please indicate the way in which you believe your organization SHOULD source your cybersecurity program in three years:
28%
26%
26%
44%
42%
40%
28%
32%
34%
Today
WILL in 3 years
SHOULD in 3 years
More than half Single supplier About equal More than half Multiple supplier
47%
36%
29%
39%
40%
39%
15%
24%
32%
q29_1
q30_1
q31_1
More than half Single supplier About equal More than half Multiple supplier
Today
WILL in 3 years
SHOULD in 3 years
IrelandGlobal

THE ROLE 0F OUTSOURCED CYBERSECURITY SERVICES IS
LIKELY TO RISE AT A MODERATE PACE
37%
34%
34%
40%
40%
39%
23%
25%
27%
Today
WILL in 3 years
SHOULD in 3 years
More than half In-house security staff About equal More than half Outsourced providers
48%
31%
35%
35%
43%
42%
16%
26%
23%
More than half In-house security staff About equal More than half Outsourced providers
Today
WILL in 3 years
SHOULD in 3 years
IrelandGlobal

CLOUD BASED SERVICES ARE MORE FREQUENTLY USED THAN
ON-SITE DEPLOYMENT; THIS TREND WILL GROW OVER NEXT 3
YEARS
27%
24%
24%
42%
42%
38%
31%
34%
38%
Today
WILL in 3 years
SHOULD in 3 years
More than half On-site deployment About equal More than half Cloud Services
33%
24%
23%
33%
36%
32%
34%
40%
44%
More than half On-site deploymen About equal More than half Cloud Services
Global
Today
WILL in 3 years
SHOULD in 3 years
Ireland

THE LICENSING MODEL IN CYBERSECURITY WILL REMAIN
LARGELY UNCHANGED OVER THE NEXT THREE YEARS,
ACCORDING TO RESPONDENTS
26%
26%
25%
44%
42%
40%
30%
32%
35%
Today
WILL in 3 years
SHOULD in 3 years
More than half Perpetual licensing About equal More than half Usage-based services
33%
29%
31%
37%
32%
31%
30%
39%
38%
More than half Perpetual licensing About equal More than half Usage-based services
Ireland
Today
WILL in 3 years
SHOULD in 3 years
Global

CAPABILITIES 1/7:
BUSINESS EXPOSURE
Business Exposure
At my organization… Top 2 Box Score–
% rated high performing
60%
56%
60%
56%
59%
73%
65%
73%
68%
64%
Identification of High-Value Assets &
Business Processes
IT Risk Support
Cyber Attack Scenarios
Cybersecurity Strategy - Key Protection
Assumptions
Global
Ireland

Cyber Response Readiness
At my organization…
61%
59%
60%
56%
58%
73%
69%
75%
67%
62%
Cyber Response Plan
Cyber-Incident Escalation Paths
Ability to Ensure Stakeholder
Involvement
Cyber-Incident Communication
Protection and Recovery of Key Assets
CAPABILITIES 2/7:
CYBER RESPONSE READINESS
Global
Ireland
Top 2 Box Score–

Strategic Threat Intelligence – Anticipating Future Threats
56%
61%
58%
62%
66%
68%
69%
78%
What-If Threat Analysis
Business Relevant Threat Monitoring
Peer Monitoring – as a Source for
Information on Threats to Your
Business
Threat Vector Monitoring
CAPABILITIES 3/7:
STRATEGIC THREAT INTELLIGENCE
Global
Ireland
Top 2 Box Score–

Resilience Readiness
61%
60%
60%
60%
60%
71%
67%
77%
64%
69%
Cyber-Incident Recovery
Design for Resilience (limited impact)
Design for Protection of Key Assets
Maintaining Resilience Readiness
Threat Landscape & Resilience
Alignment
CAPABILITIES 4/7:
RESILIENCE READINESS
Global
Ireland
Top 2 Box Score–

58%
55%
59%
60%
58%
68%
64%
71%
66%
69%
Cybersecurity Architecture Approach
Cybersecurity Investments for Key
Assets
Including Cybersecurity Funding in IT
Project Plans
Inclusion of Cybersecurity in
investments
Risk Analysis and Budgeting
Investment Efficiency
CAPABILITIES 5/7:
INVESTMENT EFFICIENCY
Global
Ireland
Top 2 Box Score–

59%
56%
57%
59%
60%
70%
62%
66%
69%
73%
Cybersecurity in Chain of Command
Cybersecurity Incentives
Measuring and Reporting Cybersecurity
Cybersecurity Accountability
Security-minded Culture
Governance & Leadership
CAPABILITIES 6/7:
GOVERNANCE & LEADERSHIP
Global
Ireland
Top 2 Box Score–

59%
57%
58%
61%
69%
70%
68%
71%
Third-Party Cybersecurity
Third-Party Cybersecurity Clauses
Cybersecurity Regulatory Compliance
Cooperation during Crisis Management
Extended Ecosystem
CAPABILITIES 7/7:
EXTENDED ECOSYSTEM
Global
Ireland
Top 2 Box Score–

2018 State of Cyber Resilience Report - Ireland

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a 2018 State of Cyber Resilience Report - Ireland

Similar a 2018 State of Cyber Resilience Report - Ireland (20)

Último

Último (20)

2018 State of Cyber Resilience Report - Ireland