Over the past 24 hours, there has been significant press on the LockBit ransomware attack on Accenture. While the full impacts of the attack are not yet known, Accenture’s response to the attack is a textbook case of how an investment in cybersecurity can pay dividends in the form of risk reduction. Accenture’s ability to quickly identify, contain and respond to the attack demonstrates the maturity of its cybersecurity program and is a key reason it is named as a “Leader” in the ISG Provider Lens™ Cybersecurity – Solutions & Services - U.S. 2021.
Many ransomware victims have experienced extended outages or paid substantial ransoms to unlock their data. Accenture was able to avoid this for three reasons:
- Its security operations center (SOC) had appropriate controls in place to quickly identify the attack.
- The company’s incident response plan was executed immediately, preventing the ransomware from spreading across systems.
- An effective backup and recovery strategy kept business impact and data loss to a minimum.
Data from Statista show that, in 2020, more than 145 million U.S. companies were impacted by ransomware attacks. Of those, 68% paid ransoms at an average value of $8.6 million. As the costs of ransomware attacks escalate, insurance companies specializing in this area are reducing exposure by excluding ransomware payments from policy coverage. Accenture was able to avoid reliance on a cyber insurance policy issues because it has a comprehensive cybersecurity program.
Having a clear understanding of your cybersecurity maturity and your responsiveness to potential threats is the most effective way to avoid the cost and reputational damage that comes with a breach.
The next step is to improve your cybersecurity maturity. We can help you do this in three steps:
- Conduct a cybersecurity assessment using industry standard frameworks like NIST CSF to baseline your current capabilities
- Develop a strategic roadmap, including an investment profile, to reduce immediate exposure to risk and provide a long-term plan for minimizing potential loss
Build and manage a cohesive partner ecosystem to support your long-term cybersecurity strategy.
Ransomware attacks are becoming more and more common, and no organization is immune from malicious actors. Building a robust cybersecurity program is simply the cost of doing business today. Contact us to find out how we can help.
About the author
Doug currently leads the ISG Cybersecurity unit and offers expertise in cybersecurity strategy, large scale transformation projects, infrastructure, Digital enablement, relationship management, and service delivery. Clients benefit from Doug's expertise from years of working with global clients within the life sciences, automotive manufacturing, aerospace, banking, insurance, financial services, healthcare, utilities and retail industries, as well as his deep and current knowledge of the service provider market. Doug routinely performs Strategy and Assessment engagements to assist clients in understanding how to select the optimal organizational and operational models to meet their business needs while minimizing security exposure and risk of loss.