“Staying ahead of attackers is a constant battle and the cost is unsustainable”, say 81 percent of the thousands of business and security professionals Accenture surveyed for a recent study. The full report sheds light on the state of cybersecurity in 2021. We report on a selection of the most interesting facts.
In its State of Cybersecurity Report 2021, Accenture notes that global cyberattacks increased by 31 percent between 2020 and 2021. Third-party applications appear to be the most significant risk category: vulnerabilities in third-party applications are said to be the cause of 61 percent of all successful cyberattacks, a 17 percent increase since 2020.
In addition, Accenture suggests that cloud security is not sufficiently considered when cloud goals and projects are discussed. Most respondents say they migrated their applications and data to the cloud for reasons of cost-effectiveness, reliability and access to more advanced technology. At the same time, 32 percent say the cloud is not discussed as an option for the foundation for security. Arguments include poor compliance and manageability, complexity and the pre-requisite of skills that the organization does not have.
Furthermore, Accenture observes an upward trend in security budgets. The average security budget has grown by 82 percent in one year. This accounts for 15 percent of all IT spending, 5 percent more than last year. Accenture emphasizes that COVID-19 is a possible cause, stating that only next year’s survey can confirm whether the increase is a snapshot or trend.
Grain of salt
One statistic garnered the most media attention. “55 percent of all organizations are not effective at stopping cyberattacks, finding and closing leaks and reducing the impact of attacks.” Accenture’s press release and media platforms siliconANGLE and Business Wire allege that the statement stems from Accenture’s research. The problem is that the statement does not appear anywhere in the report. In fact, we find that it takes quite a bit of creativity to interpret the figures that do appear in the report — and conclude that 55 percent of all organizations do not deal effectively with cyberattacks. You don’t have to take our word for it: feel free to review the report yourself, and proceed to take the headlines on this subject with a grain of salt.