Scribd Logo
Upload

Welcome to Scribd!

  • 2016 Global State of Information Security Survey Sample Slides

    Uploaded by

    IDG_World
    5K views8 pages
    The annual Global State of Information Security Survey 2016 is the most comprehensive overview of the evolving information security industry. This year’s results show that organizations are still playing catch up in protecting their assets. Emerging technologies and the adoption of risk frameworks are becoming a key part of cybersecurity. Here is a sample of some of the results.

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The annual Global State of Information Security Survey 2016 is the most comprehensive overview of the evolving information security industry. This year’s results show that organizations are still playing catch up in protecting their assets. Emerging technologies and the adoption of risk frameworks are becoming a key part of cybersecurity. Here is a sample of some of the results.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5K views8 pages

    2016 Global State of Information Security Survey Sample Slides

    Uploaded by

    IDG_World
    The annual Global State of Information Security Survey 2016 is the most comprehensive overview of the evolving information security industry. This year’s results show that organizations are still playing catch up in protecting their assets. Emerging technologies and the adoption of risk frameworks are becoming a key part of cybersecurity. Here is a sample of some of the results.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 8

    Sample of the

    2016 Global State of


    Information Security Survey

    Enterprise Organizations Still Being Pummeled


    AVERAGE NUMBER OF SECURITY INCIDENTS IN PAST YEAR

    9,156

    8,640
    2016

    2015

    3,577

    693
    Enterprise (1,000+)

    SMB (<1,000)

    Q: What is the number of security incidents detected in the past 12 months? (Base: Know the number of security incidents in past 12 months)
    Source: The 2016 Global State of Information Security Survey, in partnership with PwC, CIO, CSO, October 2015

    Organizations Adopting Risk-Based InfoSec Frameworks

    43%

    Have adopted ISO 27001

    36%
    37%

    Have adopted NIST Cybersecurity Framework


    31%
    32%

    Have adopted SANs Critical Controls

    24%
    28%

    Have adopted ISF Standard of Good Practice

    22%
    20%

    Have adopted other information security framework(s)


    11%
    Have not adopted an information security framework

    6%
    11%
    10%

    Do not know
    Enterprise (1,000+)

    11%
    SMB (<1,000)

    Q: Has your organization adopted a risk-based information security framework such as the NIST Cybersecurity Framework,
    ISO 27001, Information Security Forum (ISF) Standard of Good Practice?
    Source: The 2016 Global State of Information Security Survey, in partnership with PwC, CIO, CSO, October 2015

    CEOs See Cybersecurity as More Than an IT Issue


    MY CEO
    Understands that cybersecurity is a top
    business risk

    43%

    Promotes cybersecurity as a corporate


    governance imperative, not simply an IT issue

    39%

    Understands the costs and benefits of the


    cybersecurity program

    39%

    Supports sufficient funding and resources for


    the cybersecurity program

    38%

    Understands the organizations information


    security technologies

    32%

    Invites the CISO/CSO to participate in


    executive and Board meetings

    28%

    Is aware of the legal implications of information


    security risks
    None of the above
    Do not know

    24%
    4%
    7%

    Q: Which of the following statements describes the role of your organizations CEO in cybersecurity practices?
    Q: Does your organization have a senior executive (CEO, CFO, COO, etc.) who proactively communicates the
    importance of information security to the entire organization?
    Source: The 2016 Global State of Information Security Survey, in partnership with PwC, CIO, CSO, October 2015

    Strategies Involve Cloud-based Security Components


    59%

    Real-time monitoring and analytics

    51%
    57%

    Advanced authentication (multifactor,


    biometrics, smartphone tokens)

    50%
    51%

    Identity and access management

    43%
    50%

    Threat intelligence

    42%

    47%

    End-point protection

    Collaboration and information sharing

    Detection and response capabilities

    40%
    37%
    31%
    36%
    28%

    Enterprise (1,000+)
    SMB (<1,000)
    Q: Does your organization use cloud-based security services to help ensure data security and privacy?
    Q: Which of the following components of cloud-based security has your organization adopted?
    (Base: Organization has adopted a cloud-based security service)
    Source: The 2016 Global State of Information Security Survey, in partnership with PwC, CIO, CSO, October 2015

    Big Data Analytics Identify Incidents

    51%

    Currently in place

    44%
    23%
    25%

    Not in place but is a priority over the


    next 12 months

    14%
    14%

    Currently outsourced

    No plans to adopt

    Do not know

    9%
    14%
    6%
    6%

    Enterprise (1,000+)

    SMB (<1,000)

    Q: Does your organization employ Big Data analytics to model for and identify information security incidents?
    Source: The 2016 Global State of Information Security Survey, in partnership with PwC, CIO, CSO, October 2015

    Securing IoT an Immediate Need

    36%
    30%

    15%
    10%

    A security strategy is
    in place

    We are currently
    implementing a
    security strategy

    A security strategy is We have no plans to


    not in place, but is implement this type of
    priority over the next
    security strategy
    12 months

    9%

    Do not know

    Q: Does your organization have a security strategy for the convergence of information, operational,
    and consumer technologies (also known as the Internet of Things)?
    Source: The 2016 Global State of Information Security Survey, in partnership with PwC, CIO, CSO, October 2015

    Continue the conversation


    To receive more information on CSOs audience, please contact:
    Sue Yanovitch, VP, Marketing at IDG Enterprise
    syanovitch@IDGEnterprise.com
    To get results from additional IDG Enterprise research when it
    happens, or any other news, follow us on Twitter:
    @IDGEnterprise
    ADDITIONAL WAYS TO STAY ON TOP OF INFORMATION FROM IDG ENTERPRISE:

    Sign up to receive our monthly marketing


    newsletter at www.idgenterprise.com/newsletter
    Visit us on LinkedIn:
    www.linkedin.com/company/idg-enterprise

    You might also like