More Related Content Similar to Accenture Security CG&S Cyber Resilience (20) Accenture Security CG&S Cyber Resilience2. Copyright © 2018 Accenture. All rights reserved. 2
CISOs in CG&S companies need to
address new threats from across the
value chain in:
• Product development
• Manufacturing
• Supply chain
• Customer operations
Inconsistent security maturity
Decades of M&A have taken their toll
of CG&S executives said that
“cyberattacks are a bit of a black box, we
do not quite know how or when they will
affect our organization.”
70%
3. Copyright © 2018 Accenture. All rights reserved. 3
Build a business that is secure by design
Security technologies identified had a
negative value gap where the percentage
spending level is higher than the relative
value to the business.*
5/9
CG&S companies are under
pressure because:
• Spending priorities show that investments
are misdirected toward security capabilities
that fail to deliver efficiency and effectiveness
• Security executives do not have the visibility
into the non-IT asset landscape or the
authority to impact risk outcomes in these
areas of the business
4. Copyright © 2018 Accenture. All rights reserved. 4
Three areas that can positively impact the CG&S
risk posture include:
Secure the journey to cloud
Build trust in direct-to-customer initiatives
Manage operational technology risk
5. Copyright © 2018 Accenture. All rights reserved. 5
Secure the journey to the cloud
of CG&S companies identified “better security” as a
benefit to be gained from cloud migration.
53%
To reduce costs, many CG&S
companies are moving to the cloud.
It offers an opportunity to:
• Re-examine the business—especially
applications, infrastructure, operations
and development processes
• Prioritize security around core assets
• “Design in” a control structure to
mitigate risks
6. Copyright © 2018 Accenture. All rights reserved. 6
Build trust in direct-to-consumer initiatives
of security breaches
experienced by CG&S
organizations have been
linked with customer data
in the last 12 months.
50%
A customer facing, data-driven strategy
can better inform the business. It offers
an opportunity to:
• Introduce cybersecurity early on in the process to
proactively mitigate risk
• Influence consumers’ purchasing decisions through
improved digital trust and privacy
• Be better prepared for regulatory demands
7. Copyright © 2018 Accenture. All rights reserved. 7
Manage operational technology risk
of CG&S executives said that they
had suffered interruption of physical
operations/shutdown of assets as a
result of a breach.
43%
As OT networks become less isolated
from IT networks, so their vulnerabilities
grow. Issues include:
• A lack of security accountability
• Inconsistent security processes
• Inconsistent technical controls
• Incomplete asset visibility
8. Copyright © 2018 Accenture. All rights reserved. 8
The nature of cyberattacks is shifting
of CG&S executives think they are protecting their
physical infrastructures/assets with their
cybersecurity strategy.
ONLY
26%
Source: The untold story of NotPetya the most devastating attack in cyber history, Wired, August 22,
2018. https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
In 2017, malware Petya had a
significant financial impact. Sample
losses include:
US$129M
British manufacturer
US$188M
Global Snack company
9. Copyright © 2018 Accenture. All rights reserved. 9
Security is everyone’s
business
of CG&S executives say that
cybersecurity budget authorization
is with the CEO/Executive
Committee, more than the global
average.
34%
of CG&S executives recognize they
need to improve on cyber threat
analytics and 46% on security
monitoring—the “basics” of security
programs.
50%
A cultural mind-set shift is required
so that:
• CISOs can become trusted business partners
• Business leaders responsible for funding can
better understand security priorities
• Security can be a business and revenue enabler
as well as driving out risk
10. Copyright © 2018 Accenture Security. All rights reserved. 10
Put Security First
Actions to achieve cyber resilience
01
02
03
Organize security around business outcomes
Identify your “crown jewels”
Invest appropriately to tackle security hygiene
Introduce mandatory security checkpoints in the development or engineering,
procurement and budgeting processes to anticipate new risks.
Understand and account for existing assets across the organization and determine
risk-based priorities.
Become brilliant at the basics by tackling security hygiene and risk management
programs.
04 Institutionalize security practices
Embed security disciplines that address today’s needs and have the potential to serve
tomorrow’s demands.
11. Copyright © 2018 Accenture. All rights reserved. 11
About the research
11
410 Consumer Goods &
Services respondents
93 Companies with revenues
>US$10 bn
Survey
Respondents
• Chief Information Officer
• Chief Security Officer
• Chief Compliance Officer
• Chief Risk Officer
• Corporate Security Officer
Australia | Brazil | Canada | France
Germany | Ireland | Italy | Japan
Netherlands | Norway | Singapore
Spain | United Arab Emirates
United Kingdom | United States
15 Countries:
Survey conducted 2018
12. 12
Read the full report:
www.accenture.com/cgs-cyber-resilience
About Accenture
Accenture is a leading global professional services company,
providing a broad range of services and solutions in strategy,
consulting, digital, technology and operations. Combining
unmatched experience and specialized skills across more
than 40 industries and all business functions—underpinned by
the world’s largest delivery network—Accenture works at the
intersection of business and technology to help clients
improve their performance and create sustainable value for
their stakeholders. With 459,000 people serving clients in
more than 120 countries, Accenture drives innovation to
improve the way the world works and lives.
Visit us at www.accenture.com.
Stay Connected
Note: Unless otherwise stated, the statistics in this point of view represent retail respondents in the
survey report “Gaining ground on the attacker: 2018 State of Cyber Resilience,” Accenture 2018.
*Source: 2017 Cost of Cybercrime Study, Accenture and the Ponemon Institute
Copyright © 2018 Accenture. All rights reserved. Accenture, its logo, and New Applied Now are
trademarks of Accenture.
/showcase/accenture-consumer-goods
/showcase/accentureconsulting
@AccentureCPG
@AccentureConslt