Organizations need to reevaluate their approach to cybersecurity, shifting the focus to cyber-resilience instead of hoping for a foolproof solution against malicious actors.

These days, cybersecurity breaches and ransomware attacks are a daily occurrence in the news.

Enterprises seem to be struggling futilely against the siege of cyber-attacks, with these attacks significantly affecting day-to-day operations. Accenture’s research has shown that organizations experience a 12-day average operational downtime due to ransomware.

It is clear that business and IT leaders need to reevaluate the way they have been approaching cybersecurity, shifting the focus to cyber-resilience instead of hoping for a foolproof solution that will grant them invincibility against malicious actors.

How then can businesses redirect their cybersecurity investments to derive maximum value while ensuring they are adequately protected against external threats? CybersecAsia sought out some answers – such as leveraging the cloud, AI and digital twins – from Mark du Plessis, Managing Director and Security Lead, Southeast Asia, Accenture:

Why is it key for businesses to reassess the way they approach cybersecurity?

Mark du Plessis, Managing Director and Security Lead, SEA, Accenture

du Plessis: COVID-19 has forced many businesses to go digital with remote work implementations, and this shift has significantly ramped up the spread of potential threat vectors. Organizations are also accelerating their digital transformations, much of which is centered around cloud and application-based access.

This change in perimeter has necessitated a change in mindset that not all organizations have yet come to terms with.

Cyber-threats such as ransomware continue to remain major concerns, especially when it comes to critical infrastructures and industries which cannot afford to have their operations crippled by such attacks.

It is no longer realistic to expect to be invincible against cyber-attacks. Some may view this as a reason to completely abandon cybersecurity defenses since no one is fully protected against malicious activities, but this would be an egregious error to make. Rather, businesses should reassess their cybersecurity approach to focus on enhancing cyber-resilience.

What are the trends and challenges businesses are facing when it comes to managing their cybersecurity?

du Plessis: The cyber-threat landscape is growing increasingly complex these days, with cybercriminals becoming more insidious with their methods of attack to bypass security defenses and monetize these for their own benefits.

We saw a triple-digit increase (125%) in intrusion volume across industries and geographies in the first half of 2021 — driven by web shell activity, targeted ransomware, supply chain intrusions and dark web actors challenging IT and OT networks. These threats have resulted in more businesses pushing for greater visibility in their IT environment. More than ever, business leaders want to know how they can protect their own neck if they are breached, and how they can keep a lookout for indicators of compromise, even when it is akin to looking for a needle in a haystack.

We see talent scarcity being even more of a challenge than what it has been traditionally. This has been exacerbated by the current trends of a hot security market and COVID fatigue, leading to high attrition rates across the industry.

Cloud security continues to remain in the spotlight. Businesses in the region are showing interest in wanting to know how they can transition their businesses to the cloud, how they can build a zero-trust network, and how they can get visibility across all workloads and detect anomalies in these IT environments. When it comes to cloud migration, stringent security protocols will need to be in place to ensure adequate protection of business-critical and confidential data.

What are the factors that set cyber-resilient leaders apart from their peers?

du Plessis: Leaders who fared well in cyber-resilience focused on three aspects, namely investing for operational speed, driving value from new investments, and maintaining existing investments.

In the current environment of rising costs and growing third-party threats, security investments must work more effectively and efficiently than ever to prove their worth. Leaders in cyber-resilience prioritized moving fast, and valued their speed of detection, response and recovery.

The rate at which organizations scale investments across their business also has a significant impact on their ability to defend against attacks. The leaders best at scaling technologies were found to have performed four times better than their counterparts in defending against attacks. By looking to scale more, train more, and collaborate more, these leaders were able to increase the value from innovative technology to benefit their organizations.

Security breaches most often happen when organizations fail at fundamental aspects of their protection practices. Leaders understand the need to be brilliant at the basics and they focus more of their budget allocations on sustaining what they already have, compared with non-leaders who place more emphasis on piloting and scaling new capabilities.

What are new and innovative ways businesses can build cyber-resilience in this era?

du Plessis: Despite cyber-attacks escalating at a staggering rate globally, the security industry can seize the upper hand in resilience through a powerful technology innovation: intelligent cyber digital twins. Businesses can leverage this innovation to fortify existing security practices without touching production environments, for example, by constructing a twin of the attack surface that can be used to mimic adversarial movements and assess the risk to business process.

Through intelligent cyber digital twins technology which uses AI, security teams will be able to construct a twin of the attack surface, mimic adversarial movements and assess the risk to business processes using what-if scenarios, predictive analytics and prioritized actions. It is a proactive move toward intelligent defense, and ultimately, security executives can innovate with intelligent cyber digital twins to reinvent security approaches, build trust into the data supply chain, and secure the intelligent data mesh of the future world.

Cloud is another technology that can be leveraged to boost security. Modern advanced threat detection and incident management capabilities mean that cloud is arguably more secure than traditional on-premises systems. Case in point, Accenture research showed that three-quarters (73%) of respondents are confident they enjoy better security protection with their cloud providers than with any solution they can build alone.

As today’s cybersecurity teams need to manage and interpret high-volume, high-diversity and high-sensitivity information while also freeing up their people from data management to concentrate on core missions, cloud can enable teams to meet these competing demands while also transforming the speed and agility with which they can generate and act on insights from data and potential cyber threats.

Businesses must also look at implementing managed extended detection and response (MxDR) services to detect anomalies in their IT environments and respond to them. MxDR entails enlisting the help of a dedicated security team to manage everything end-to-end so that businesses can focus solely on achieving growth. With 24/7 support in detecting, monitoring and reporting incidents should breaches occur, the IT team can quickly launch an incident response to minimize the dwell time and get operations back on track.