For some businesses, cybersecurity may be an abstract threat. Business owners may think "it won't happen to me," or they may be confident in their ability to remain unaffected by a cyberattack.
But a new report by Accenture uncovers just how big of a threat cyberattacks are on businesses.
According to the company's latest data, released this week, about one-third of cyberattacks on businesses are successful in their attempts to infiltrate a firm's existing defenses. That's despite three-quarters of business owners reporting that they are confident in their company's defenses.
Accenture declared the failure rate for these defenses to be "alarmingly high." Its "Building Confidence: Facing the Cybersecurity Conundrum" report found that companies spend about $84 billion in data theft protection. But cyberattacks cost these firms $2 trillion in damages, with researchers forecasting that figure to spike up to $90 trillion by 2030 if businesses don't change the way they protect corporate data.
"Cyberattacks are a constant operational reality across every industry today, and our survey reveals that catching criminal behavior requires more than the best practices and perspectives of the past," concluded Kevin Richards, Accenture Security managing director of North America operations. "There needs to be a fundamentally different approach to security protection, starting with identifying and prioritizing key company assets across the entire value chain."
Accenture's report found that, on average, businesses take months to detect those successful data breaches, and 17 percent said they identified the breach within a year or even longer after the attack occurred. The vast majority of breaches are reported by employees outside the firm's security team, researchers added.
Survey respondents say they lack confidence in their security teams' ability to detect internal threats to their company, with most of these teams focusing on outside attackers.