New York City is both behind, and ahead of, the rest of the world when it comes to defending itself against the ever-evolving, sophisticated world of cyberattacks. New research shows that on average, New York City-based companies are worse at preventing cyberattacks than companies worldwide, but are on average faster at identifying and remedying breaches when they do occur.
In a new report, the global consulting firm Accenture surveyed 100 New York City-based C-suite executives to evaluate the extent of their security capabilities. The report found that companies have become especially efficient in responding to cyberattacks – the majority of breaches are found within seven days, and 87 percent of respondents were able to fix breaches in less than 60 days (higher than the global average of 74 percent).
“This is the first time we have seen such measured improvement of organizations gaining ground on cyber-attackers,” Lynn McMahon, managing director of Accenture’s New York City office, said in an email. “But there is more work that needs to be done.”
Most of the threats that companies face come in the form of internal attacks and malicious insiders – someone with inside access disabling the system, injecting a Trojan virus, or even stealing sensitive information. Other common types of cyber threats revealed by the report included hacker attacks (48 percent) and configuration errors that affected security (48 percent).
This year, global spending on cybersecurity is expected to total over $96 billion – an 8 percent increase from 2017, according to research firm Gartner, Inc. New York City companies are keeping with that trend, spending 22 percent of their IT budgets on cybersecurity, which is higher than the global average, Accenture found.
Where New York City companies are falling short, however, is in their ability to prevent these attacks in the first place. Though New York respondents were able to prevent nearly three-quarters of targeted attacks, companies around the globe report a success rate of 87 percent.
This year, a spate of data breaches have caused trouble, both for companies and for their customers. A breach at a fitness app owned by Under Armour compromised the user names, email addresses and passwords of roughly 150 million users. In 2017, Russian hackers probed United States power grids – a breach the Trump administration acknowledged earlier this year.
New York City has made strides to protect its residents from cyberattacks. In March, Mayor Bill de Blasio launched a free app to help alert residents of possible cyber threats on their own devices, and announced plans to beef up the city’s wifi networks. Still, there’s no proof that New York City companies are especially vulnerable.
“New York City is home to some of the largest companies in the world – but the research does not show that they are especially prone to cyberattacks,” McMahon said.
Accenture’s report advocates greater investment in cyber defense capabilities, as well as advancing the role of chief information security officers at companies, potentially giving them, rather than CEOs, more control over cybersecurity budgets. The report also mentions the changing tools of cybersecurity, noting that executives expect defense technologies will include more artificial intelligence and machine learning in the future.