PwC recently released the first set of results from their 2018 Global State of Information Security® Survey, which was based on responses from 9,500 executives in 122 countries and more than 75 industries. PwC’s key findings include:
- Former employees are the most likely source of data security incidents, compared to unknown hackers, competitors, or third parties (e.g. contractors, vendors).
- Despite the increasing use of Internet of Things (IoT), only 34% of respondents said that their organizations had plans to assess IoT security risks across their business ecosystems.
- Only 44% of respondents said that their corporate boards actively participate in their companies’ overall security strategy.
- Only 52% of the organizations surveyed employ a chief information security officer (CISO).
- 48% of respondents said their companies do not have an employee security awareness training program.
- 54% of respondents said they their companies do not have an incident-response process.
These findings demonstrate that, even with all of the attention to data security risks, many companies still have not taken appropriate steps to protect their data.
TIP: A company must do more than just recognize that its data is at risk—it must take cross-departmental precautions and implement cross-functional protocols to mitigate the risks.