Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Protiviti's Security & Privacy survey 2017

232 views

Published on

As global cybersecurity risk continues to increase, Protiviti's new Security and Privacy study looks at how well organizations are managing cyber risk today

Published in: Business
  • Be the first to comment

  • Be the first to like this

Protiviti's Security & Privacy survey 2017

  1. 1. 49% 18% 85% 66% 48% 14% Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services. © 2017 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Veterans. For more information and to download a complimentary copy of our survey report, visit Protiviti.com/ITSecuritySurvey. Managing the Crown Jewels and Other Critical Data When tackling cyber risk, board involvement and effective communication continue to drive performance, according to the results of Protiviti’s 2017 Security and Privacy Survey. On a scale of 1 to 10, where “10” is a high level of confidence and “1” is little or no confidence, rate your level of confidence that your organization is able to: How engaged is your board of directors with information security risks relating to your business? High engagement and level of understanding by the board Medium engagement and level of understanding by the board Low engagement and level of understanding by the board Don’t know Current 2015 33% 28% 37% 32% 12% 15% 18% 25% Companies with high board engagement in information security Companies with high board engagement in information security Management has an excellent understanding of what comprises the “crown jewels” Organizations that have a clear data classification policy in place that categorizes the organization’s data and information – sensitive, confidential, public, etc. Management does an excellent job of communicating to employees the need to differentiate between public and sensitive data and how each is treated Companies without high board engagement in information security Monitor, detect and escalate potential security incidents by a well-funded attacker 7.9 6.6 Prevent a targeted external attack by a well-funded attacker 7.6 6.2 Prevent an opportunistic breach as a result of actions by a company insider 7.5 6.2 Companies without high board engagement in information security

×