Last week we talked about responding to cyber threats during the 15CFAM series. We said that, developing plans for how utilities will respond to cyber incidents is critical for resilience from such events. This week, Accenture published the Accenture State of Cybersecurity 2020 report which includes some very poignant observations about building a resilient incident response plan. The report classifies organizations into ‘leaders’ and ‘non-leaders.’ The ‘leaders’ are those who set the bar for innovation and achieve high-performing cyber resilience. The report notes the average cost of a cyber attack for ‘non-leaders’ stands at $380,000 per incident. Likewise, given the rate of cyber attacks today, a security breach can easily run a non-resilient business into a major loss. Accenture suggests breaking incident response planning into three steps: assessing risk tolerance, threat awareness and detection training, and incident response technologies. While a good resource for all, drinking water utilities may find this report particularly insightful as they continue addressing Emergency Response Plans (ERPs) for America’s Water Infrastructure Act (AWIA) requirements. For more highlights from the report, visit TripWire.