Continuous Cyber Attacks: Engaging Business Leaders for the New Normal

Copyright © 2015 Accenture All rights reserved.

Continuous Cyber Attacks: Engaging Business Leaders for the New Normal

Copyright © 2015 Accenture All rights reserved. 2Copyright © 2015 Accenture All rights reserved.

Organizations face a cybercrime wave that is increasing in intensity and sophistication

Cyber defenses are threatened from well-funded, highly motivated digital adversaries

Sophisticated hackers are using state-of-the-art techniques

It’s never been easier or more lucrative for adversaries to cash in on their efforts

Cyber-thieves operate across borders and rarely face prosecution

Copyright © 2015 Accenture All rights reserved.Copyright © 2015 Accenture All rights reserved.

Business leaders must establish a holistic, end-to-end security strategy to protect the organization• Regulatory compliance is not enough

• Purchasing the latest security products can drain the budget without improving overall defense

3

A solid cyber defense approach requires a shift in approach: the organization’s business side must partner with the security organization


The following 3 approaches can help an organization minimize cyber-crime risk

Make the business a better security “customer”

Strengthen the partnership between the business and security

Continuously exercise organizational defenses

4

1

2

3


1Make the business a better security “customer”

• A solid cyber defense requires companies to interlock an organization’s business stakeholders, its risk management office and the security team

• Develop a true relationship that asks all employees to own responsibility for security


When the business side fails to cooperate with the security team, multiple challenges emerge• Security lacks sufficient top

management access

• The front lines remain unengaged in security issues

• Ambiguity regarding who “owns” the systems under attack

6

1


Strengthening the relationship between the business and security transforms the organization’s security posture

Leaders take responsibility to keep security on the agenda

Recognize the complexity of the challenge

7

Work together to identify the organization’s critical data

Evolve the organizational culture to attract and retain top-tier security talent

2



• Put security on the agenda

• Focus on cyber defense innovation

• Embrace and implement new ideas

• Develop security strategies approved by leaders

• Make information security a business priority

• Inform employees on business security requirements

8

2


Strengthen the partnership between the business and security Recognize the complexity of the challenge• Determine the best way to manage cyber

losses

• Develop a complete scope of potential damage areas, including data, business operations, company brand, consumer confidence

• Recognize that future costs could rise

• Prioritize the protection of critical information

9

2



Work together to identify the organization’s critical data• Analyze the organization as a hacker

would to identify vulnerabilities

• Focus efforts on the truly critical assets to reduce risk

• Delete or encrypt online information

• Reduce data volume where possible

10

2


Strengthen the partnership between the business and security Seek top-tier security talent• Think proactively and creatively to attract and

retain scarce, expert security resources

• Build the executive team’s confidence in security leaders

• Work with universities to develop cyber defense recruits

• Look for expertise outside of normal channels

• Consider dual-track career paths for cyber defense experts who seek higher managerial roles

11

2

Copyright © 2015 Accenture All rights reserved.Copyright © 2015 Accenture All rights reserved. 12

Exercise defenses with a sparring partner to develop organizational resilience

Relentlessly test defenses with a third-party sparring partner who can realistically mimic hackers

Assume security is compromised and constantly hunt for intruders across the environment

Be prepared to react rapidly in removing attackers from the environment before they can achieve their objectives


3

Copyright © 2015 Accenture All rights reserved.Copyright © 2015 Accenture All rights reserved. 13

The current digital attack waves are dangerous for businesses and governments. Leaders should take action now to make their organizations more resilient.



Thank YouPlease visit www.accenture.com/cyberdefensefor additional information.

#CyberDefense

Follow us on Twitter @AccentureSecure

14


About AccentureAccenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions—underpinned by the world’s largest delivery network—Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 358,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.


Technology

Continuous Cyber Attacks: Engaging Business Leaders for the New Normal