Despite growth in cyber awareness, organisations are still victims of cyber breaches

As cyber awareness begins to grow within organisations, many of them are still falling victim to cyber breaches.

A new Accenture report, State of Cyber Resilience highlighted that more than 60 percent of organisations are still falling prey to breaches. 

Anu Kukar, cyber strategy lead at Accenture ANZ told Digital Nation despite the benefits of more closely aligning cybersecurity programs to business objectives, some organisations aren’t engaging in cybersecurity early enough in their transformation processes which leaves them vulnerable. 

“We found that when it comes to embedding security controls, 18 percent still deploy them after they’ve finalised a transformation effort— and that’s only if vulnerabilities are detected, which is too little, too late,” she said.

“The approach these organisations take to cybersecurity must evolve from an incident-driven reaction into part of the fabric of their transformation efforts if they want to stay secure against future threats.”

Many organisations are failing to keep pace with the scope and scale of cyber risk, Kukar explained.

“Whether this is due to quickly changing regulatory requirements, such as those within the banking and software and platform sectors, or mounting risks outside the organisation, such as geopolitical tensions, supply chain vulnerabilities and economic uncertainties, organisations are finding themselves under increasing pressure,” she said.

Kukar said the speed and sophistication at which cybersecurity is evolving is also making it increasingly difficult for these organisations to manage.

“Cybersecurity should be baked into an organisation's business objectives at a foundational level. This means cyber defence and resilience are the responsibility of the business - not just the tech team - and modern CISOs need to be skilled in people, processes and transformation to thwart these new threats,” she said.

“We found that where businesses have looked at the entire ecosystem from a transformational perspective, they have greater cyber resilience.”

For organisations to be more proactive than reactive in terms of cyber resilience, Kukar said businesses need to convert cybersecurity from an incident-driven reaction into part of the foundation of their transformation efforts.

“Organisations are not only better placed to boost their cyber resilience but to also position themselves more safely when undergoing whole enterprise changes,” she said.

“Some of the steps leading organisations are taking to become more proactive and drive better business outcomes include risk management, cybersecurity-as-a-service, protecting your ecosystem and automation.”

However, the cyber report noted when organisations implement a cyber program, it benefits many facets of the business.

Those organisations that implement cybersecurity programs to business objectives are 18 percent more likely to drive revenue growth, and market share and improve customer satisfaction, as well as 26 percent more likely to lower the cost of cybersecurity breaches and incidents.

New tech, new risks

The accelerated adoption of digital technologies like generative AI mixed with complex regulations, economic uncertainties and geopolitical tensions are affecting the number of cyber-attacks.

Kukar said these factors are testing organisations’ approach to managing cyber risk as new threats develop faster than humans can respond to.

“Utilising machine-to-machine attack and defence capabilities will be the most effective way to counter these threats at speed and as the technology scales,” she said.

“Humans will not be entirely obsolete in this, but their role in combating cyber-attacks will not be on the technical side. And this is where organisations are struggling.”

Given how rapidly the technology is advancing, Kukar said proactivity and adaptability will be crucial to prepare for and combat these emerging AI risks and challenges.

“Businesses cannot afford to sit back. The companies better equipped to combat these attacks are relying heavily on automation in their cyber security programs, enabling them to rapidly scale their defences to keep pace with the advancements in AI,” she said.

“Organisations harnessing AI will be in a better position to bolster their cyber defence strategies and mitigate the risks associated with AI-driven attacks.”