Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity Enterprise ServicesSecurity Leadership and ManagementSecurity & Business ResilienceSecurity Education & TrainingGovernment: Federal, State and Local

Leaders show path to affordable cyber resilience without increasing their spending

By Aaron Faulkner
Accenture’s Third Annual State of Cyber Resilience report
October 14, 2020

Nearly one third of federal cybersecurity executives surveyed in a recent global survey indicated that they employ a series of best practices to bolster cyber resilience in their agencies – and they do so without increasing their spending.

These federal executives said their cyber resilience measures have improved how they stop attacks, find and fix breaches and reduce the impact of intrusions, according to Accenture’s Third Annual State of Cyber Resilience report.

In the research, we surveyed 4,644 security executives from 24 industries in 16 countries, including 100 federal cyber experts. Using a detailed model of cybersecurity performance, the report classified 28 percent of federal executives as leaders, compared to just 17 percent of the remaining respondents.

What else sets leaders in our survey apart, though, is their ability to use cyber technologies that evolve with these threats without breaking the bank. According to our analysis, a cyberattack costs non-leaders an average of $380,000 to defend and remediate. For leaders, that amount is shaved down to $107,000, on average.

The survey paints a promising picture for security executives, yet work remains. As diligent as these execs are in battening down the hatches, cyber criminals are also getting wiser. As large targets, federal agencies need to consistently reassess their security posture to protect not only their own enterprises, but their operational ecosystems and supply chains.

Emerging federal threats meet long-standing challenges

The best practices for cyber resilience include leveraging shared threat intelligence, continually updating systems with cutting-edge technology, employing a nimble staff, and automating detection and response to keep pace with the advancements of bad actors.

As our report shows, federal agencies continue to face new forms of attack. Instead of directly attacking their targets, we found cyber criminals increased their use of indirect attacks where they target third parties such as suppliers. This type of attack leads to vulnerability for agencies that rely heavily on a contractor network to achieve their missions. It also means federal agencies need to extend cyber protections beyond their own four walls and into every partner they encounter.

Recognizing this vulnerability, the Department of Defense has mandated compliance with its new Cybersecurity Maturity Model Certification (CMMC) for the 300,000 companies that comprise the defense industrial base (DIB). This is good, as it creates a common baseline with defined levels of maturity based on prescribed and assessed practices. It illustrates that federal agencies will always be under attack and thus the need for cyber resilience will never wane.

However, it shines a bright light on the need and commitment to a joint network defense model, where the DIB (traditional and non-traditional defense contractors, research institutions, and academia) and the departments and agencies it serves, share indicators of attack and compromise in near real-time. This establishes a security model where an adversary must beat all of us to defeat one of us.

However, it shines a bright light on the need and commitment to a joint network defense model, where the DIB (traditional and non-traditional defense contractors, research institutions, and academia) and the departments and agencies it serves, share indicators of attack and compromise in near real-time. This is directly aligned to the recommendations of the Cyberspace Solarium Commission to establish a security model where an adversary must beat all of us to defeat one of us.

What else sets leaders in our survey apart, though, is their ability to use cyber technologies that evolve with these threats without breaking the bank. According to our analysis, a cyberattack costs non-leaders an average of $380,000 to defend and remediate. For leaders, that amount is shaved down to $107,000, on average.

Yet for all of the cost-savings and leadership exhibited by federal cyber execs, there are still hurdles to overcome.

Federal procurement challenges

One such hurdle is a lengthy procurement process that makes it difficult to keep up with innovation. Existing long-term procurement processes typically lock federal agencies into a technology for a minimum of five years, a lifetime in today’s ever-evolving world of cyber threats. It is nearly impossible for an agency to anticipate what the threat landscape will look like in one year, let alone five.

This is compounded by the sheer volume of technology solutions on the market. More than 3,000 unique vendors sell cyber software, creating a smorgasbord of potential solutions with varying levels of effectiveness. As a result, federal agencies must pick the right technology that will be viable for an unpredictable future. This is an incredibly difficult and expensive exercise that produces mixed results.

Seventy-five percent of federal executives report that cyber costs continue to rise, with 60 percent of survey respondents saying that they are unsustainable. Agencies must also contend with the technology talent gap, as a massive deficit in available talent makes it difficult to hire and manage in-house security staff.

The case for managed services

Federal agencies face many challenges in maintaining cyber resilience, but there is a solution.  Similar to the way that they have embraced the cloud, federal agencies can take advantage of managed security services to access state-of-the-art, FedRAMP authorized platforms, and the cyber talent to achieve greater predictability and benefit from economies of scale.

Seventy-five percent of federal executives report that cyber costs continue to rise, with 60 percent of survey respondents saying that they are unsustainable. Agencies must also contend with the technology talent gap, as a massive deficit in available talent makes it difficult to hire and manage in-house security staff.

With this model, federal technology executives can establish agency cyber goals and priorities that the managed services provider can execute against to contractually defined service levels and performance indicators. The managed services company brings together innovative technologies, highly trained staff and automated processes to provide more comprehensive coverage with faster response than most agencies could muster on their own.

As one benefit, managed service providers can remove and add different technologies as needed to maintain an agile cyber defense against evolving threats. This ensures that each technology serves a specific purpose with outdated or ineffective services removed. Technologies are also regularly updated, ensuring that agencies always have the most up-to-date version of each product.

Managed services can help federal leaders meet the best practices established in our report at a reasonable price point. But first, federal agencies will need to gain comfort and trust with a new approach, as they did with commercial cloud services.

Conclusion

The federal leaders we identified use their resources to achieve maximum results, which is an increasingly difficult prospect in a world with ever-evolving threats, thousands of technology choices and a procurement system that makes innovation near impossible.

Managed services is a proven alternative. It provides an avenue for continual innovation and technology evolution without locking agencies into a technology that could become obsolete as things change.

KEYWORDS: business continuity business resilience cyber security cyber threats cybercrime

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

420x420 aaronfaulkner
Aaron Faulkner is a managing director with Accenture Federal Services and leads the cybersecurity practice across the U.S. Department of Defense, Intelligence Community, Public Safety and Civilian and Health sectors.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Person working on laptop

Governance in the Age of Citizen Developers and AI

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Shared wooden desks with monitors on each side

    Operational resilience in the C-Suite agenda: A path to asset safety

    See More
  • crossing sidewalk

    Key traits of security leaders in cyber resilience

    See More
  • The Uncharted Path for New Security Leaders

    2016 Security Leadership Issue: The Uncharted Path to Educate New Security Leaders

    See More

Events

View AllSubmit An Event
  • August 27, 2025

    Risk Mitigation as a Competitive Edge

    In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing