Ireland is a cybersecurity powerhouse according to Accenture's third annual State of Cyber Resilience Study. Based on a survey of more than 4,600 enterprise security experts worldwide, the study found that Ireland is the country with the highest proportion of cybersecurity leaders globally.
A cybersecurity leader is a company that achieves significantly better results from its cybersecurity technology investments than other organisations. Leaders were characterised as among the highest performers in a number of categories including stopping attacks, finding and fixing breaches, and reducing breach impact.
Overall, 28 per cent of Irish companies were classified among this elite group as opposed to an average of 17 per cent for other countries covered by the study.
“Our research has identified a group of standout organisations in Ireland that appear to have cracked the code of cybersecurity when it comes to best practices,” says Jacky Fox, managing director of Accenture Security in Ireland.
“These leaders are far quicker at detecting a breach, mobilising their response, minimising damage and getting operations back to normal.”
She believes Ireland’s strong showing in the study is due to a combination of factors. “I was really delighted with that result but not very surprised,” she says. “A huge variety of organisations emerged as cybersecurity leaders. These companies have very diligent boards who woke up to the cybersecurity issue a lot earlier than many others. We have also been lucky in our regulators like the Central Bank and the Department of Communications who have been beating the cybersecurity drum for quite a while.”
Preventing attacks
The standout qualities of cybersecurity leaders begin with their ability to stop attacks. It is important to differentiate between an attack and a breach in this respect, Fox explains. “Organisations get attacked all the time. A breach is a successful attack which results in a loss of data or an interruption to service or other problem. Cybersecurity leaders are better at stopping attacks in the first place, before they can result in a breach.”
They are also better at finding breaches faster when they do occur. Indeed, the Accenture research found that leaders were four times more likely than non-leaders to detect a breach in less than one day. This is a vast improvement on the situation which pertained some years ago when it could take up to six months for an organisation to discover a breach.
“There are also instances where breaches have been found but not acted upon,” she adds.
That can lead to particular problems as hackers can often breach a network and then bide their time awaiting an opportune moment to act. Some of them even specialise in getting in and then selling the access to other bad actors who go ahead and steal the data or interrupt the operations of the organisation.
“There is a parallel with a burglar breaking into a house,” Fox notes. “They want to know that they can keep getting in. They might look for the equivalent of a window to leave on the latch. Leaders find these breaches faster and have a much better chance of preventing damage.”
It's clearly better to have well thought-through plans in place than to sit around a table in a state of panic trying to figure out what to do next
They are also very good at fixing breaches once they have been found. The survey found leaders have a threefold advantage when it comes to the speed at which they can fix a security breach. And when defences fail, 55 per cent of leaders in Ireland fixed breaches in 15 days or less, on average, while 34 per cent of breaches in this country had no impact at all.
“Leaders are really good at finding out how the hackers got in and shutting off the access point. They are very also good at predicting what they are going to do and stopping them in their tracks,” Fox confirms.
The other key characteristic of leaders is their ability to minimise the impact of a breach when it does occur. “They understand that it is not a question of if they will be breached, it’s when,” Fox points out. “They tend to have good incident response plans in place which identify the things that could happen, the people responsible for dealing with them, and the actions to be taken in response. It’s clearly better to have well thought-through plans in place than to sit around a table in a state of panic trying to figure out what to do next.”
A major issue at present is the shift to home working due to the Covid-19 crisis. “Some organisations were well set up for this already,” says Fox. “A lot of that can be cultural. Leaders will have thought about this already and will make sure employees are not doing risky things like logging onto open unsecured wifi and so on. It wouldn’t be unusual for them to have already prepared for pandemic risk as part of their business continuity planning.”
It’s more of a challenge for organisations without a home working culture, however. “They may not have the controls in place for secure home working. We are helping clients understand the risks posed and to put in place the measures required to reduce the risk as much as possible.”
[To learn more about Accenture's research, download the Third Annual State of Cyber Resilience study]
Assessing cyber maturity
Organisations aspiring to become cybersecurity leaders should seek to understand their current status. “Every organisation is at a different level of cyber maturity,” says Fox. “There tends to be 15 to 20 areas to look at to determine that level. When you have examined those, you have to look at the risk appetite of the organisation. How would you feel if you were breached and that caused a regulatory issue? Are you happy to tolerate that and just pay the fine or do you want to prevent it?”
After that it’s a question of looking at who is coming in and out of the network and if that should be allowed to continue, looking at the data going out and if that is appropriate, the defences currently in place, and the ability of the organisation to continue to do business in the event of a breach.
“Mapping the organisation in that way will show where it is on the maturity scale and what it needs to do to defend itself and respond if something weird has happened,” she continues.
Every organisation will have a budget that it will want to spend on cybersecurity
That might be a case of putting fairly simple policies and procedures in place. “Things like changing passwords regularly, not to leave your laptop on the bus, basic cybersecurity hygiene really. After that there are technical controls to help. At end of the day, we’re all human and we make mistakes like clicking on phishing emails or unsafe sites. Having software in the background to warn about these things is essential.”
Leaders are also investing in advanced technologies like artificial intelligence and robotic processes. “It’s a known problem that there are not enough cyber professionals in the world,” Fox says. “One of the ways leaders try to address this is by automating repeatable tasks. They take away the low-level repetitive processes so that their people can spend their time on more strategic activity instead of being stuck down in the weeds.”
But technology on its own cannot provide a solution. “A lot of people who look at cybersecurity want to buy shiny new technologies to help and think if they buy the latest tools, they will solve the problem. But if the tools aren’t properly managed, they just become overheads. Leaders are very good at managing the tools they have invested in properly and keeping them updated,” Fox points out.
Ultimately, it’s not about the amount of money spent, it’s how it’s spent. “Every organisation will have a budget that it will want to spend on cybersecurity,” Fox concludes. “Our job is to help them spend that in the right areas and maximise its effectiveness.”
[ Third Annual State of Cyber ResilienceOpens in new window ]