Strategy and technology alone do not guarantee an effective cyber defense. Many organizations fall short because they lack the right mix of talent and capabilities, or aren’t using a strong and complete cyber security model, or have difficulty with properly executing the strategy.

1. Continuous Cyber Attacks:
Achieving Operational
Excellence for the New Normal
Executive Summary

2. 2
Internal and external factors add risk to an organization’s
cyber defense. Externally, an organization’s attack
surfaces are growing—from the increased volume of
connected devices, the expansion of the Internet of
Things and the growth of cloud computing. Internally,
many organizations lack sufficient rigor and consistency
in security operations—using a variety of processes and
capabilities that provide varying levels of effectiveness,
or aren’t deployed consistently across the organization.
Another issue is the high turnover rate within security;
many times key people leave and take unique knowledge
with them. Constantly changing IT environments also
make it difficult for the security team to track and
protect critical information. Security can have insufficient
visibility into the organization’s asset landscape due to
limitations of the tools and processes being used. Finally,
time is an issue; it takes an average of seven to eight
months to detect a breach.
Achieving operational excellence in cyber defense requires a
comprehensive approach that prepares for threats, predicts
and detects breaches, and then responds to and recovers
from incidents. Organizations need well-trained employees
who can react to clear-cut incident response plans and
procedures for different types of threats.
A robust cyber security operational model starts with
a well-defined strategy of how security supports
business performance. The model is centered on core
risk-management goals. It will prepare and protect for
potential threats by providing usable threat intelligence
and actively managing vulnerabilities. The model includes
forward-thinking capabilities to help scale activities
and references an IT strategy that provides greater
understanding of the organization’s assets, data sets,
technical and business functions.
The model enables security to defend and detect
intrusions using advanced analytics, also identifying
behavior changes that indicate security risks. An emphasis
on visualization helps identify anomalies quickly from large
volumes of data.
Organizations can respond and recover effectively by
employing active defense strategies and actively managing
security incidents, using platforms that guide operators in
hunting for threats. Training should mimic attackers—to
prepare teams for real-world adversaries—with activities
that encompass security operations and tie-in with strategic
channels in the business.
To achieve operational excellence in cyber security,
organizations can take specific steps to improve their
security operations:
• Assess the effectiveness of current security processes
• Invest in attracting and retaining skilled security talent
• Automate intelligently to leverage scarce resources
• Understand how threat data pertains to the business
• Identify what isn’t known
• Create a plan to address knowledge gaps
• Find an effective sparring partner that will improve
security capabilities
Organizations should focus on creating a highly efficient
operating model that balances security operations, new
technology implementation, testing of security posture and
feedback to update defenses.
The brutal assault on digital assets of organizations
worldwide looks to continue. Given the risk-filled
environment, organizations need the best operational
security capabilities possible to defend their most valuable
digital assets.
@AccentureSecure
Strategy and technology alone do not guarantee an effective cyber defense.
Many organizations fall short because they lack the right mix of talent and
capabilities, or aren’t using a strong and complete cybersecurity model, or have
difficulty with properly executing the strategy.

3. RESP
OND
PREP
ARE PRO
TECT
DEFEND
&
DETECT
Incident Response
Remediation
Strategy &
Business Alignment
Assessment &
Architecture
Governance, Risk
& Compliance
People & Culture Change
Application &
Data Security
Platform &
Infrastructure Security
Digital Identity
Vulnerability Management
& Threat Intelligence
Advanced Adversary
Simulations
Security Monitoring
Cyber Threat
Analytics
TRANSFORMATION
S T R A T E G Y
MANAGED
SE
CU
RITY
&
C Y B E R D E F E N S E
Cyber Security Lifecycle Model
3 Accenture.com/CyberDefensePlan

4. About Accenture
Accenture is a leading global professional services company,
providing a broad range of services and solutions in strategy,
consulting, digital, technology and operations. Combining
unmatched experience and specialized skills across more than 40
industries and all business functions—underpinned by the world’s
largest delivery network—Accenture works at the intersection
of business and technology to help clients improve their
performance and create sustainable value for their stakeholders.
With approximately 373,000 people serving clients in more than
120 countries, Accenture drives innovation to improve the way
the world works and lives. Visit us at www.accenture.com.
Copyright © 2016 Accenture
All rights reserved.
Accenture, its logo, and
High performance. Delivered.
are trademarks of Accenture.
DISCLAIMER: This document makes descriptive reference to
trademarks that may be owned by others. The use of such
trademarks herein is not an assertion of ownership of such
trademarks by Accenture and is not intended to represent or imply
the existence of an association between Accenture and the lawful
owners of such trademarks.
Contributors
Bill Phelps
Managing Director, Global Security Services
bill.phelps@accenture.com
Ryan LaSalle
Managing Director, Security Growth & Strategy Lead
ryan.m.lasalle@accenture.com
Kevin Oswald
Managing Director, Global Cyber Defense and Managed
Security Services Lead
kevin.j.oswald@accenture.com
Harpreet Sidhu
Managing Director, Cyber Security Lead - Energy North America
harpreet.sidhu@accenture.com
Patrick Joyce
Senior Principal Information Security, Global Security Services
patrick.j.joyce@accenture.com
Matt Carver
Senior Manager, Security Research & Development
matthew.carver@accenture.com