SlideShare a Scribd company logo

The Cyber Security Leap: From Laggard to Leader

Download as PPTX, PDF
Accenture Technology
Accenture Technology

Organizations achieve security outperformance against their industry peers by demonstrating commitment in three critical areas. With Ponemon Institute, we identified the “leapfroggers.”

Technology
1 of 19
The Cyber Security Leap: From Laggard to Leader April 2015
2Copyright © 2015 Accenture All rights reserved. 2Copyright © 2015 Accenture All rights reserved. How do some organizations achieve better security performance? We compared organizations that were able to “leapfrog” their security effectiveness against others that remained static. Defining a Leapfrog organization Key findings Implications About the research
3Copyright © 2015 Accenture All rights reserved. 3Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015 • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Strategy Technology Governance
4Copyright © 2015 Accenture All rights reserved. 4Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy Strategy Governance • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Technology Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015
5Copyright © 2015 Accenture All rights reserved. 5Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Strategy Technology Governance Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015
6Copyright © 2015 Accenture All rights reserved. 6Copyright © 2015 Accenture All rights reserved. Organizations with static security effectiveness demonstrated different characteristics • Operate security under a veil of stealth, secrecy and underfunding • Prioritize external threats • Focus on prevention rather than quick detection or containment • Drive security investments by compliance with regulations and policies • View security as diminishing employee productivity • Believe security budgets are inadequate for meeting the company’s security mission
7Copyright © 2015 Accenture All rights reserved. 7Copyright © 2015 Accenture All rights reserved. Leapfrog organizations value innovation as a way to strengthen their security posture Higher value placed on security innovation 33% Higher level of security innovation change in the past two years 45% More security innovation 20%
8Copyright © 2015 Accenture All rights reserved. 8Copyright © 2015 Accenture All rights reserved. Establishing a security strategy as a business priority separates Leapfrog from Static organizations Security and business objectives aligned 70% 55% 69% 45% 63% 40% Security is priority Security strategy exists LEAPFROG STATIC LEAPFROG STATIC LEAPFROG STATIC
9Copyright © 2015 Accenture All rights reserved. 9Copyright © 2015 Accenture All rights reserved. Security outsourcing is often a component of Leapfrog organization strategies Outsourcing core security operations can greatly increase security effectiveness by providing access to advanced technology and expert resources. Leapfrog Static Has strategy & does not outsource security operations 23% 15% 55% 32% Has strategy & outsources security operations
10Copyright © 2015 Accenture All rights reserved. 10Copyright © 2015 Accenture All rights reserved. Leapfrog organizations proactively use advanced technologies to secure their network and cloud environments LeapfrogStatic (Rankings on a 10 point scale, 1 = low; 10 = high) Secure (encrypt) data stored in cloud environments 7.186.00 Establish security protocols over big data 6.334.94 Pinpoints anomalies in network traffic 8.557.45 Provide advance warning about threats and attackers 8.277.56
11Copyright © 2015 Accenture All rights reserved. 11Copyright © 2015 Accenture All rights reserved. Leapfrog organizations focus more on securing network, sensitive data and the cloud; Static organizations focus more on locking things down. Control insecure mobile devices including BYOD 7.167.76 Limit insecure devices from accessing security systems 6.037.18 LeapfrogStatic (Rankings on a 10 point scale, 1 = low; 10 = high)
12Copyright © 2015 Accenture All rights reserved. 12Copyright © 2015 Accenture All rights reserved. Establishing strong governance and controls supports Leapfrog security effectiveness Important governance components include dedicated budget, use of benchmarks and metrics and regular communications with board of directors. Metrics to evaluate security operations 20% 26% Enterprise risk management procedures 35% Regular reporting to the board of directors 34% Benchmark Security operations
13Copyright © 2015 Accenture All rights reserved. 13Copyright © 2015 Accenture All rights reserved. The CISO role in Leapfrog organizations reflects the importance placed on security While both types of organizations have a CISO, the level of responsibility is notably different. CISO defines security strategy and initiatives Leapfrog 71% Static 60% CISO directly reports to a senior executive 71% 58% CISO is accountable for budgets or discretionary spending 65% 55%
14Copyright © 2015 Accenture All rights reserved. 14Copyright © 2015 Accenture All rights reserved. Security effectiveness can be notably improved over a short period of time, by applying lessons learned from three priority areas Strategy Technology Governance
15Copyright © 2015 Accenture All rights reserved. 15Copyright © 2015 Accenture All rights reserved. Suggestions for developing or improving your security strategy • Establish a security strategy that encourages innovation, has dedicated budget and programs, a strong eco-system and a clear vision for how innovation gets on-boarded into production. • Develop the ability to adapt quickly and proactively to the changing threat landscape • Help the organization embrace digital disruption • Align security and organizational priorities • Treat security as a business priority
16Copyright © 2015 Accenture All rights reserved. 16Copyright © 2015 Accenture All rights reserved. Suggested areas for technology focus • Seek out technology and capabilities that enhance the user experience and productivity • Balance prevention, detection and response better—lessen the focus on prevention • Better exploit data within the organization to gain an advantage in detection and response times—move toward security intelligence
17Copyright © 2015 Accenture All rights reserved. 17Copyright © 2015 Accenture All rights reserved. Governance measures to improve performance • Foster a working relationship between CISO and the board to take effective action; educate and collaborate to articulate and prioritize business risk • Use benchmarks and metrics to continually assess the strategy and evolve the organization’s posture • Outsource security operations as appropriate for best use of available expert resources • Eliminate fire-fighting and use resources effectively
18Copyright © 2015 Accenture All rights reserved. 18Copyright © 2015 Accenture All rights reserved. Organizations studied represent various industries and sizes across NA, Europe, Middle East and Asia Pacific 16% 14% 14% 10% 8% 9% 6% 6% 5% 5% 4% 4% 9% 11% 28% 24% 18% 11% Less than 1,000 1,000 to 5,000 5,001 to 10,000 10,001 to 25,000 25,000 to 75,000 More than 75,000Financial services Industries represented Organization size Public sector Services Retail Energy and utilities Industrial Health & pharmaceutical Consumer Technology and software Transportation Other Hospitality Education and research, 1% Communications, 1%
19Copyright © 2015 Accenture All rights reserved. 19Copyright © 2015 Accenture All rights reserved. For more information, visit: accenture.com/cybersecurity 19Copyright © 2015 Accenture All rights reserved.

Recommended

Speak Up! Salary Negotiation for Women in Tech
Speak Up! Salary Negotiation for Women in TechSpeak Up! Salary Negotiation for Women in Tech
Speak Up! Salary Negotiation for Women in Techaubrey bach
 
Using Data to Help First Job Salary Negotiations
Using Data to Help First Job Salary NegotiationsUsing Data to Help First Job Salary Negotiations
Using Data to Help First Job Salary NegotiationsPayScale, Inc.
 
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...CODECNetworks
 
Security Operations, Engineering, and Intelligence Integration through the po...
Security Operations, Engineering, and Intelligence Integration through the po...Security Operations, Engineering, and Intelligence Integration through the po...
Security Operations, Engineering, and Intelligence Integration through the po...Christopher Clark
 
Building security leaders ISSA Virtual CISO Series
Building security leaders ISSA Virtual CISO SeriesBuilding security leaders ISSA Virtual CISO Series
Building security leaders ISSA Virtual CISO SeriesAaron Carpenter
 
2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?Phil Agcaoili
 
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...North Texas Chapter of the ISSA
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROPriyanka Aash
 

Recommended

Speak Up! Salary Negotiation for Women in Tech
Speak Up! Salary Negotiation for Women in TechSpeak Up! Salary Negotiation for Women in Tech
Speak Up! Salary Negotiation for Women in Techaubrey bach
 
Using Data to Help First Job Salary Negotiations
Using Data to Help First Job Salary NegotiationsUsing Data to Help First Job Salary Negotiations
Using Data to Help First Job Salary NegotiationsPayScale, Inc.
 
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...
Career Counselling Program on Cyber Security @ K.R.Mangalam University Conduc...CODECNetworks
 
Security Operations, Engineering, and Intelligence Integration through the po...
Security Operations, Engineering, and Intelligence Integration through the po...Security Operations, Engineering, and Intelligence Integration through the po...
Security Operations, Engineering, and Intelligence Integration through the po...Christopher Clark
 
Building security leaders ISSA Virtual CISO Series
Building security leaders ISSA Virtual CISO SeriesBuilding security leaders ISSA Virtual CISO Series
Building security leaders ISSA Virtual CISO SeriesAaron Carpenter
 
2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?Phil Agcaoili
 
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...North Texas Chapter of the ISSA
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROPriyanka Aash
 
DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!Rahul Tiwari
 
WE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - CybersecurityWE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - CybersecuritySociety of Women Engineers
 
The CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedThe CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedIBM Security
 
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and BeyondPhilip Beyer
 
Cyber Security Career Advice
Cyber Security Career AdviceCyber Security Career Advice
Cyber Security Career AdviceDonald E. Hester
 
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonNavigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonChristopher Clark
 
BSides Manchester
BSides ManchesterBSides Manchester
BSides ManchesterJane Frankland
 
WE16 - How to Lead a Double Life
WE16 - How to Lead a Double LifeWE16 - How to Lead a Double Life
WE16 - How to Lead a Double LifeSociety of Women Engineers
 
Accenture presentation sydney
Accenture presentation sydneyAccenture presentation sydney
Accenture presentation sydneyMichael Buckley
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobPriyanka Aash
 
WE16 - The State of Women in Engineering
WE16 - The State of Women in EngineeringWE16 - The State of Women in Engineering
WE16 - The State of Women in EngineeringSociety of Women Engineers
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?Barry Caplin
 
Digital dandelion ppt template
Digital dandelion ppt templateDigital dandelion ppt template
Digital dandelion ppt templateBillsworth
 
CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017Allie Gentry
 
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...Accenture Technology
 
Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Technology
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayAccenture Technology
 
Accenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Technology
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech CultureAccenture Technology
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech CultureAccenture Technology
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Technology
 
Highlights on the five key trends
Highlights on the five key trendsHighlights on the five key trends
Highlights on the five key trendsAccenture Technology
 

More Related Content

Viewers also liked

DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!Rahul Tiwari
 
WE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - CybersecurityWE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - CybersecuritySociety of Women Engineers
 
The CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedThe CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedIBM Security
 
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and BeyondPhilip Beyer
 
Cyber Security Career Advice
Cyber Security Career AdviceCyber Security Career Advice
Cyber Security Career AdviceDonald E. Hester
 
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonNavigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonChristopher Clark
 
Accenture presentation sydney
Accenture presentation sydneyAccenture presentation sydney
Accenture presentation sydneyMichael Buckley
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobPriyanka Aash
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?Barry Caplin
 
Digital dandelion ppt template
Digital dandelion ppt templateDigital dandelion ppt template
Digital dandelion ppt templateBillsworth
 
CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017Allie Gentry
 
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...Accenture Technology
 

Viewers also liked (15)

DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!DressCode@ACCENTURE!!!
DressCode@ACCENTURE!!!
 
WE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - CybersecurityWE16 - Go for the Hot Career Field - Cybersecurity
WE16 - Go for the Hot Career Field - Cybersecurity
 
The CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the UnexpectedThe CISO in 2020: Prepare for the Unexpected
The CISO in 2020: Prepare for the Unexpected
 
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
(Consulting) Couch to CISO: A Security Leader's First 100 Days and Beyond
 
Cyber Security Career Advice
Cyber Security Career AdviceCyber Security Career Advice
Cyber Security Career Advice
 
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonNavigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
 
BSides Manchester
BSides ManchesterBSides Manchester
BSides Manchester
 
WE16 - How to Lead a Double Life
WE16 - How to Lead a Double LifeWE16 - How to Lead a Double Life
WE16 - How to Lead a Double Life
 
Accenture presentation sydney
Accenture presentation sydneyAccenture presentation sydney
Accenture presentation sydney
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your Job
 
WE16 - The State of Women in Engineering
WE16 - The State of Women in EngineeringWE16 - The State of Women in Engineering
WE16 - The State of Women in Engineering
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?
 
Digital dandelion ppt template
Digital dandelion ppt templateDigital dandelion ppt template
Digital dandelion ppt template
 
CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017CIO-CTO 90 day plan 2017
CIO-CTO 90 day plan 2017
 
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
 

More from Accenture Technology

Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Technology
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayAccenture Technology
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Technology
 
Helping you get back to the workplace confidently
Helping you get back to the workplace confidentlyHelping you get back to the workplace confidently
Helping you get back to the workplace confidentlyAccenture Technology
 
Driving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldDriving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldAccenture Technology
 
Accenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology
 
Accenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology
 
Accenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology
 
Accenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology
 
Elevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayElevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayAccenture Technology
 
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAutomating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAccenture Technology
 
Technology Vision 2019 for Workday
Technology Vision 2019 for WorkdayTechnology Vision 2019 for Workday
Technology Vision 2019 for WorkdayAccenture Technology
 
Accenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology
 

More from Accenture Technology (20)

Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + Workday
 
Accenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Labs Innovation Stories
Accenture Labs Innovation Stories
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP Solutions
 
Highlights on the five key trends
Highlights on the five key trendsHighlights on the five key trends
Highlights on the five key trends
 
Helping you get back to the workplace confidently
Helping you get back to the workplace confidentlyHelping you get back to the workplace confidently
Helping you get back to the workplace confidently
 
Driving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldDriving Workday transformation in a virtual world
Driving Workday transformation in a virtual world
 
Accenture + Red Hat
Accenture + Red HatAccenture + Red Hat
Accenture + Red Hat
 
Accenture and Mercedes Case Study
Accenture and Mercedes Case StudyAccenture and Mercedes Case Study
Accenture and Mercedes Case Study
 
Accenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: Infographic
 
Accenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: Overview
 
Accenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and Me
 
Accenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNA
 
Elevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayElevating the Workforce Experience with Workday
Elevating the Workforce Experience with Workday
 
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAutomating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
 
Technology Vision for SAP 2019
Technology Vision for SAP 2019Technology Vision for SAP 2019
Technology Vision for SAP 2019
 
Technology Vision 2019 for Workday
Technology Vision 2019 for WorkdayTechnology Vision 2019 for Workday
Technology Vision 2019 for Workday
 
Accenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for Pega
 

Recently uploaded

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Recently uploaded (20)

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

The Cyber Security Leap: From Laggard to Leader

  • 1. The Cyber Security Leap: From Laggard to Leader April 2015
  • 2. 2Copyright © 2015 Accenture All rights reserved. 2Copyright © 2015 Accenture All rights reserved. How do some organizations achieve better security performance? We compared organizations that were able to “leapfrog” their security effectiveness against others that remained static. Defining a Leapfrog organization Key findings Implications About the research
  • 3. 3Copyright © 2015 Accenture All rights reserved. 3Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015 • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Strategy Technology Governance
  • 4. 4Copyright © 2015 Accenture All rights reserved. 4Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy Strategy Governance • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Technology Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015
  • 5. 5Copyright © 2015 Accenture All rights reserved. 5Copyright © 2015 Accenture All rights reserved. Leapfrog organizations improved their security effectiveness an average of 53% over two years Success characteristics can be summarized across three areas • Security is a business priority aligned with the enterprise’s goals • Focus on innovation • Outsourcing is a component of the security program • Respond proactively to major changes to the threat landscape • Open communications with CEOs and corporate boards • Establish dedicated security budgets that have steadily increased • Chief Information Security Officer (CISO) has authority to define and manage the security strategy • Deploy enterprise risk management procedures • Embrace new and disruptive security technologies as part of the strategy Strategy Technology Governance Research and analysis conducted by Accenture in Collaboration with the Ponemon Institute, LLC. All data in this presentation taken from “The Cyber Security Leap: From Laggard to Leader, 2015
  • 6. 6Copyright © 2015 Accenture All rights reserved. 6Copyright © 2015 Accenture All rights reserved. Organizations with static security effectiveness demonstrated different characteristics • Operate security under a veil of stealth, secrecy and underfunding • Prioritize external threats • Focus on prevention rather than quick detection or containment • Drive security investments by compliance with regulations and policies • View security as diminishing employee productivity • Believe security budgets are inadequate for meeting the company’s security mission
  • 7. 7Copyright © 2015 Accenture All rights reserved. 7Copyright © 2015 Accenture All rights reserved. Leapfrog organizations value innovation as a way to strengthen their security posture Higher value placed on security innovation 33% Higher level of security innovation change in the past two years 45% More security innovation 20%
  • 8. 8Copyright © 2015 Accenture All rights reserved. 8Copyright © 2015 Accenture All rights reserved. Establishing a security strategy as a business priority separates Leapfrog from Static organizations Security and business objectives aligned 70% 55% 69% 45% 63% 40% Security is priority Security strategy exists LEAPFROG STATIC LEAPFROG STATIC LEAPFROG STATIC
  • 9. 9Copyright © 2015 Accenture All rights reserved. 9Copyright © 2015 Accenture All rights reserved. Security outsourcing is often a component of Leapfrog organization strategies Outsourcing core security operations can greatly increase security effectiveness by providing access to advanced technology and expert resources. Leapfrog Static Has strategy & does not outsource security operations 23% 15% 55% 32% Has strategy & outsources security operations
  • 10. 10Copyright © 2015 Accenture All rights reserved. 10Copyright © 2015 Accenture All rights reserved. Leapfrog organizations proactively use advanced technologies to secure their network and cloud environments LeapfrogStatic (Rankings on a 10 point scale, 1 = low; 10 = high) Secure (encrypt) data stored in cloud environments 7.186.00 Establish security protocols over big data 6.334.94 Pinpoints anomalies in network traffic 8.557.45 Provide advance warning about threats and attackers 8.277.56
  • 11. 11Copyright © 2015 Accenture All rights reserved. 11Copyright © 2015 Accenture All rights reserved. Leapfrog organizations focus more on securing network, sensitive data and the cloud; Static organizations focus more on locking things down. Control insecure mobile devices including BYOD 7.167.76 Limit insecure devices from accessing security systems 6.037.18 LeapfrogStatic (Rankings on a 10 point scale, 1 = low; 10 = high)
  • 12. 12Copyright © 2015 Accenture All rights reserved. 12Copyright © 2015 Accenture All rights reserved. Establishing strong governance and controls supports Leapfrog security effectiveness Important governance components include dedicated budget, use of benchmarks and metrics and regular communications with board of directors. Metrics to evaluate security operations 20% 26% Enterprise risk management procedures 35% Regular reporting to the board of directors 34% Benchmark Security operations
  • 13. 13Copyright © 2015 Accenture All rights reserved. 13Copyright © 2015 Accenture All rights reserved. The CISO role in Leapfrog organizations reflects the importance placed on security While both types of organizations have a CISO, the level of responsibility is notably different. CISO defines security strategy and initiatives Leapfrog 71% Static 60% CISO directly reports to a senior executive 71% 58% CISO is accountable for budgets or discretionary spending 65% 55%
  • 14. 14Copyright © 2015 Accenture All rights reserved. 14Copyright © 2015 Accenture All rights reserved. Security effectiveness can be notably improved over a short period of time, by applying lessons learned from three priority areas Strategy Technology Governance
  • 15. 15Copyright © 2015 Accenture All rights reserved. 15Copyright © 2015 Accenture All rights reserved. Suggestions for developing or improving your security strategy • Establish a security strategy that encourages innovation, has dedicated budget and programs, a strong eco-system and a clear vision for how innovation gets on-boarded into production. • Develop the ability to adapt quickly and proactively to the changing threat landscape • Help the organization embrace digital disruption • Align security and organizational priorities • Treat security as a business priority
  • 16. 16Copyright © 2015 Accenture All rights reserved. 16Copyright © 2015 Accenture All rights reserved. Suggested areas for technology focus • Seek out technology and capabilities that enhance the user experience and productivity • Balance prevention, detection and response better—lessen the focus on prevention • Better exploit data within the organization to gain an advantage in detection and response times—move toward security intelligence
  • 17. 17Copyright © 2015 Accenture All rights reserved. 17Copyright © 2015 Accenture All rights reserved. Governance measures to improve performance • Foster a working relationship between CISO and the board to take effective action; educate and collaborate to articulate and prioritize business risk • Use benchmarks and metrics to continually assess the strategy and evolve the organization’s posture • Outsource security operations as appropriate for best use of available expert resources • Eliminate fire-fighting and use resources effectively
  • 18. 18Copyright © 2015 Accenture All rights reserved. 18Copyright © 2015 Accenture All rights reserved. Organizations studied represent various industries and sizes across NA, Europe, Middle East and Asia Pacific 16% 14% 14% 10% 8% 9% 6% 6% 5% 5% 4% 4% 9% 11% 28% 24% 18% 11% Less than 1,000 1,000 to 5,000 5,001 to 10,000 10,001 to 25,000 25,000 to 75,000 More than 75,000Financial services Industries represented Organization size Public sector Services Retail Energy and utilities Industrial Health & pharmaceutical Consumer Technology and software Transportation Other Hospitality Education and research, 1% Communications, 1%
  • 19. 19Copyright © 2015 Accenture All rights reserved. 19Copyright © 2015 Accenture All rights reserved. For more information, visit: accenture.com/cybersecurity 19Copyright © 2015 Accenture All rights reserved.

Editor's Notes

  1. Leapfrog companies place a 33% greater value on security innovation. Leapfroggers rate the importance of security innovation as 8.1, while static companies rate it as 6.1 on average. Furthermore, 36% of leapfroggers have a dedicated budget for security innovation, compared to only 21% of static companies. So leapfroggers are 71% more likely to value security innovation.
  2. Leapfroggers place a 20% higher value on the importance of using metrics: The importance of deploying metrics is rated at 7.8 by leapfroggers vs. 6.5 by static companies.