PwC recently released the first set of results from their 2018 Global State of Information Security® Survey, which was based on responses from 9,500 executives in 122 countries and more than 75 industries. PwC’s key findings include:

  • Former employees are the most likely source of data security incidents, compared to unknown hackers, competitors, or third parties (e.g. contractors, vendors).
  • Despite the increasing use of Internet of Things (IoT), only 34% of respondents said that their organizations had plans to assess IoT security risks across their business ecosystems.
  • Only 44% of respondents said that their corporate boards actively participate in their companies’ overall security strategy.
  • Only 52% of the organizations surveyed employ a chief information security officer (CISO).
  • 48% of respondents said their companies do not have an employee security awareness training program.
  • 54% of respondents said they their companies do not have an incident-response process.

These findings demonstrate that, even with all of the attention to data security risks, many companies still have not taken appropriate steps to protect their data.

TIP: A company must do more than just recognize that its data is at risk—it must take cross-departmental precautions and implement cross-functional protocols to mitigate the risks.