Organizations that closely align their cybersecurity programs to business objectives are 18% more likely to achieve target revenue growth and market share and improve customer satisfaction, as well as 26% more likely to lower the cost of cybersecurity breaches/incidents, on average, according to Accenture.
Driving successful outcomes
The report identifies a group of companies that are leading the way in their cybersecurity efforts. These companies — which Accenture calls “cyber transformers” and account for 30% of respondents — strike a balance between excelling at cyber resilience and aligning with the business strategy to achieve better business outcomes.
“The accelerated adoption of digital technologies like generative AI — combined with complex regulations, geopolitical tensions and economic uncertainties — is testing organizations’ approach to managing cyber risk,” said Palo Dal Cin, global lead of Accenture Security.
“In this rapidly changing environment, businesses leaders need to embed cybersecurity into the fabric of their digital core transformation efforts to become business resilient. This is one of the key differentiating traits of cyber transformers, who demonstrate that they are better equipped to drive successful business outcomes,” added Dal Cin.
What it takes to be a cyber transformer
Four characteristics set cyber transformers apart from other companies. They:
- Excel at integrating cybersecurity and risk management. Cyber transformers integrate a cyber risk-based framework into their enterprise risk management program; have their cybersecurity operations and executive leadership agree on the priority of assets and operations to be protected; and consider cybersecurity risk to a great extent when evaluating overall enterprise risk (65% vs. 11%).
- Leverage cybersecurity-as-a-service to enhance security operations. Cyber transformers are more likely than others to use managed services providers to administer cybersecurity operations (40% vs. 24%).
- Are more committed to protecting their ecosystem. Cyber transformers are more likely than others to take such actions as incorporating their ecosystem or supply chain partners into their incident response plan (45% vs. 37%) and to require them to meet strict cybersecurity standards (41% vs. 29%).
- Rely heavily on automation. Cyber transformers are far more likely than others to rely heavily on automation for their cybersecurity programs (89% vs. 57%). In addition, 96% of all respondents whose organizations substantially automate their cybersecurity said that automation helps them alleviate cyber talent shortages — a key challenge for any company seeking cyber resilience.
Organizations pursue improvement in cybersecurity programs
“While organizations are taking steps to better align cybersecurity programs with business goals, there is still plenty of room for improvement, with more than 60% of respondents still falling victim to successful breaches coming from outside their organizations,” said Jacky Fox, Accenture Security lead for Europe.
“Working more effectively across the C-suite and ensuring that security efforts have a positive business impact require a business-led CISO who acts as an educator and collaborator with non-security leaders,” concluded Fox.
The report highlights that organizations that embed three key cybersecurity actions into their digital transformation efforts and apply strong cybersecurity practices across the organization are nearly six times more likely to experience more effective digital transformations than those that don’t do both.
The cybersecurity actions that organizations can take to increase the success and satisfaction of their digital transformations are:
- Require cybersecurity controls before all new business services and products are deployed.
- Apply cybersecurity incrementally as each digital transformation milestone is achieved.
- Appoint a cybersecurity representative as part of the core transformation team who orchestrates cybersecurity across all transformation initiatives.