Accenture: Aligning cybersecurity to business objectives helps drive revenue growth and lower costs of breaches

Organizations that closely align their cybersecurity programs to business objectives are 18 percent more likely to achieve target revenue growth and market share and improve customer satisfaction, as well as 26 percent more likely to lower the cost of cybersecurity breaches/incidents, on average, according to new research from Accenture.

Accenture’s “State of Cybersecurity Resilience 2023” report is based on a survey of 3,000 security and business executives from large organizations across Europe, North America, South America and Asia-Pacific. The report identifies a group of companies that are leading the way in their cybersecurity efforts. These companies — which Accenture calls “cyber transformers” and account for 30 percent of respondents — strike a balance between excelling at cyber resilience and aligning with the business strategy to achieve better business outcomes.

“The accelerated adoption of digital technologies like generative AI — combined with complex regulations, geopolitical tensions and economic uncertainties — is testing organizations’ approach to managing cyber risk,” said Palo Dal Cin, global lead of Accenture Security. “In this rapidly changing environment, businesses leaders need to embed cybersecurity into the fabric of their digital core transformation efforts to become business resilient. This is one of the key differentiating traits of cyber transformers, who demonstrate that they are better equipped to drive successful business outcomes.”

Four characteristics set cyber transformers apart from other companies. They:

• Excel at integrating cybersecurity and risk management. Cyber transformers integrate a cyber risk-based framework into their enterprise risk management program; have their cybersecurity operations and executive leadership agree on the priority of assets and operations to be protected; and consider cybersecurity risk to a great extent when evaluating overall enterprise risk (65 percent vs. 11 percent).

• Leverage cybersecurity-as-a-service to enhance security operations. Cyber transformers are more likely than others to use managed services providers to administer cybersecurity operations (40 percent vs. 24 percent).

• Are more committed to protecting their ecosystem. Cyber transformers are more likely than others to take such actions as incorporating their ecosystem or supply chain partners into their incident response plan (45 percent vs. 37 percent) and to require them to meet strict cybersecurity standards (41 percent vs. 29 percent). 

• Rely heavily on automation. Cyber transformers are far more likely than others to rely heavily on automation for their cybersecurity programs (89 percent vs. 57 percent). In addition, 96 percent of all respondents whose organizations substantially automate their cybersecurity said that automation helps them alleviate cyber talent shortages — a key challenge for any company seeking cyber resilience.

“While organizations are taking steps to better align cybersecurity programs with business goals, there is still plenty of room for improvement, with more than 60 percent of respondents still falling victim to successful breaches coming from outside their organizations,” said Jacky Fox, Accenture Security lead for Europe. “Working more effectively across the C-suite and ensuring that security efforts have a positive business impact require a business-led CISO who acts as an educator and collaborator with non-security leaders.”