In the past year, 82 percent of large companies have increased their investments in cyber security. At the same time, more than half say that they have difficulty effectively preventing cyber attacks, identifying and managing intrusions, and reducing the attacks’ damage to operations. And it’s not so strange. According to the study “State of Cyber Security Resilience” from Accenture, the number of cyber intrusions has increased by 31 percent compared to the previous year.
Although most companies struggle to keep their heads above water when it comes to escaping cyberattacks, there are those who do really well. The study identifies a small group of companies that have actually succeeded in building their cybersecurity work, and in addition have managed to integrate it with their business strategy.
– It does not matter how much money you invest in your security work if you have not first understood how to integrate it with your business, says Bala Periasamy, responsible for Accenture Security in Sweden. – And this is where these companies differ from the rest. It is not enough to just concentrate on the business or on security, it is about creating a balance between the two. The companies that have a clear idea of what cyber threats exist and how they relate to their own business strategy are the ones that do best.
Create leverage on investments in cybersecurity
The report uses four metrics to measure companies’ resilience to cyber attacks, and the study shows that the companies that find this balance perform at the top in all categories. Not only do they stop significantly more attacks, they are also better at detecting them quickly and reducing the negative impact of the attack.
– This depends on how they act in several areas, Bala Periasamy explains. – First, they have a good understanding of how the general threat picture can be linked to their particular business. Secondly, they are good at keeping attackers out through both their own work and cooperation with others. And thirdly, they are good at following up and measuring all the security efforts they face.
But what Bala Periasamy thinks really sets them apart from the rest is the leadership. In these companies, the CEO is directly involved in the security strategy, and those responsible for IT security report directly to him or her.
– I have worked with cyber security from a strategic perspective for over a decade, and I think it is remarkable that more have not realized that it is a close relationship between the IT department and management that is required to create leverage on investments in cyber security, says Bala Periasamy.
On the other hand, the pandemic of the last two years, with the explosion of digitization and the focus on ransomware attacks that it has brought with it, has changed this situation.
– I see a much greater interest from company management now compared to before the pandemic. But proactivity must come from both sides. The company’s CEO must take the initiative, and the CIO must learn to relate security issues to the business. It is not enough to say “cybercrime can harm us”, but rather “so many hours of downtime due to an attack cost us so much”. Then the two areas can understand each other, says Bala Periasamy.
A struggle to stay one step ahead
Where to start, then, and where does the money invested benefit most? Few organizations today have the answer to that question, and 81 percent of the companies in Accenture’s study state that it is a struggle to stay one step ahead, while the costs risk becoming unsustainable in the long run.
– It is about finding out where the company is most vulnerable, and the only way to find out is to test its resilience, says Bala Periasamy.
To help its customers do just that, Accenture bought the cyber security company Sentor in 2021.
– One of the biggest security threats right now is that so many companies believe in the old myth that attackers are always looking for a specific company, says Åse Holmberg, CEO of Sentor. – But this is very rare; rather, cybercriminals are looking for money. The first step is usually to look for low-hanging fruit through known vulnerabilities that can give access to most companies, and then it does not matter where the company is or what it does.
To help companies find these security flaws, Sentor recommends that its customers work according to the Blue and Red Teaming concept.
– The terms are taken from the military, and in simple terms you can say that the blue team focuses on defending the organization, while the task of the red team is to simulate an attack to identify your weaknesses before any outsider has time to do so.
More than half (55 percent) of large companies find it difficult to effectively prevent cyber attacks, identify and manage intrusions, and reduce the attacks’ damage to operations. The report shows that four out of five respondents (81 percent) state that it is a constant struggle to stay one step ahead of those who carry out the attacks, and that the costs of security can become unsustainable in the long run. This corresponds to an increase of 12 percentage points compared with last year’s report.
82 percent of the companies state that they have increased their investments in cybersecurity in the past year. Despite this, intrusion – which includes improper access to data, applications, services, networks or devices – has increased by 31 percent compared with the previous year. The study showed that an average of 270 intrusions are carried out per year per company.
The vulnerability remains in older systems
Until now, Red Teaming has been carried out on a fairly limited scale, but as cyber security threats increase, more and more companies in more and more industries are seeing the benefits of using this methodology.
– The advantage is that Red Teaming can be used to detect almost all types of security flaws. Today, most companies think about security when building new systems, but often vulnerabilities remain in older systems or in integrations. At one of our clients, one of our security experts was able to show that it was possible to attack the entire company through a security flaw in the conference system.
In other words, using Red Teaming continuously is an effective way to constantly find your most vulnerable points, which in turn makes it easy to direct investments to the places where they do the most good. This is not to say that it is easy.
– There are very few people who have the skills to perform this type of test, which makes it difficult for individual companies to do this themselves. If you instead take the help of companies like us at Sentor, you can get help to test security continuously, something that can significantly reduce the risks of being exposed and thus save a lot of money in the long run.