One-third of cyber attacks result in actual breaches, yet companies still underestimate cyber threats

CHICAGO, 9 Nov. 2016. One in three cyber attacks over the past year has resulted in an actual cyber security breach, which equates to two to three attacks per month for the average company, say cyber threat analysts at information technology (IT) specialist Accenture in Chicago.

Nov 9th, 2016
By Mil & Aero staff
By Mil & Aero staff

CHICAGO, 9 Nov. 2016. One in three cyber attacks over the past year has resulted in an actual cyber security breach, which equates to two to three attacks per month for the average company, say cyber threat analysts at information technology (IT) specialist Accenture in Chicago.

Compounding the problem is the length of time taken to detect these security breaches. More than half of executives say it takes months to detect sophisticated breaches, and as many as one-third of all breaches are not discovered at all by company security teams, according to an Accenture security survey.

Still, 75 percent of security executives are confident in their ability to protect their enterprises from cyber attacks. The Accenture report titled “Building Confidence: Facing the Cybersecurity Conundrum," surveyed 2,000 enterprise security practitioners representing companies with annual revenues of $1 billion or more in 15 countries.

Respondents revealed their perceptions of cyber risks, the effectiveness of their security efforts, and the adequacy of existing investments.

Related: Cyber security isn't just about big IT; it's about locks, lights, and even a child's plaything

There needs to be a fundamentally different approach to security protection starting with identifying and prioritizing key company assets across the entire value chain,” says Kevin Richards, managing director of security at Accenture North America.

While survey respondents say internal breaches have the greatest influence, 58 percent prioritize heightened capabilities in perimeter-based controls instead of pivoting to address high-influence internal threats, Accenture analysts say.

Most companies do not have technology in place to monitor for cyber attacks and instead focus on risks and outcomes that have not kept pace with the threat. Organizations will continue with their same countermeasures instead of investing in different security controls to mitigate threats, analysts say.

Cyber security priorities include protecting the company’s reputation (54 percent), safeguarding company information (47 percent), and protecting customer data (44 percent). Less important is mitigating financial losses (28 percent) or investing in cyber security training (17 percent).

For more information contact Accenture online at paste link here.

Learn more: search the Aerospace & Defense Buyer's Guide for companies, new products, press releases, and videos

More in Trusted Computing