Whenever you visit our websites, information may be collected using cookies and similar tools to improve your user experience and to enhance the performance of the website.
Closing this message means you accept the use of cookies.
How would you rate your organization’s security policies, procedures,and technology safeguards in their ability to address the current threat landscape?
2010 (N=285)
2015 (N=303)
Excellent, capable of addressing almost all of today’s threats
22%
37%
Good, capable of addressing most of today’s threats
56%
54%
Fair, capable of addressing only some of today’s threats
18%
9%
Poor, capable of addressing few of today’s threats
Table 2. Respondents Rate Organization’s Executive Management Team with Regard to Cybersecurity Initiatives
In your opinion, how would you rate your organization’s executive management team on its willingness to invest in and support cybersecurity initiatives?
2010 (N=285)
2015 (N=303)
Excellent, executive management is providing the optimal level of investment and support
25%
45%
Good, executive management is providing an adequate level of investment and support, but we could use more
49%
45%
Fair, executive management is providing some level of investment and support, but we could use much more
21%
9%
Poor, executive management is not providing the right level of investment and support and we could use much more
Table 3. Incidence of Best Practices for IT Vendor Security Audits
Best Practice Step
Percentage of Total Survey Population
Organization always audits the internal security processes of strategic infrastructure vendors.
53%
Organization always audits the internal security processes of strategic infrastructure vendors AND
organization uses a formal audit process for all vendor audits.
27%
Organization always audits the internal security processes of strategic infrastructure vendors AND
organization uses a formal audit process for all vendor audits AND
organization employs formal metrics/scorecards where IT vendors must exceed a scoring threshold to qualify for IT purchasing approval.