DETAILED Global CYBERSECURITY SURVEY Summary RESULTS

DETAILED Global CYBERSECURITY SURVEY Summary RESULTS
October 2017

Source: 2017 AMCC Cybersecurity Survey
Q2: What Is the Number of Employees at Your Firm? Percent of firms in each employee range Source: 2017 AMCC Cybersecurity Survey

Q3: What Is the Number of Office Locations at the Following? Percent of firms in each office location Source: 2017 AMCC Cybersecurity Survey

Q4: What Is the Total Number of Data Centers? Percent of firms in each number Source: 2017 AMCC Cybersecurity Survey

Q5: What Are Your Assets Under Management as of 12/31/2016?* Percent of firms *Assets only include open-end fund assets (e.g. no hedge funds, ETFs, separate accounts, etc.) Note: 33 firms did not report their assets. Source: 2017 AMCC Cybersecurity Survey

Q6: Does Your Firm’s Information Security Program Receive Direct Financial Support from a Parent Company? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q7: Does Your Firm’s Information Security Program Receive Direct Staffing Support from a Parent Company? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q8: What Is the Approximate Percentage of the Information Technology Budget Spent on Cybersecurity? Percent of firms in each category Source: 2017 AMCC Cybersecurity Survey

Q9: What Is Your Title? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q10: What Is the Number of Dedicated Information Security Full Time Internal Employees? Percent of firms in each category Source: 2017 AMCC Cybersecurity Survey

Q11: What Is the Number of Partially Dedicated Information Security Full Time Internal Employees? Percent of firms in each category Source: 2017 AMCC Cybersecurity Survey

Q12: What Is the Number of Information Security Consultants/Contractors? Percent of firms in each category Source: 2017 AMCC Cybersecurity Survey

Q13: Functions (Primary Responsibility) Covered by Headcount in 2015: Percent of firms in each category Source: 2017 AMCC Cybersecurity Survey

Q14: Does Your Firm Have a CISO? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q15: To Whom Does Your CISO Report? Percent of firms in each category Source: 2017 AMCC Cybersecurity Survey

Q16: Does Your Firm Require IS Staff to Have Certain Certifications? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q17: If You Answered YES to Your Firm Requiring IS staff to Have Certain Certifications, Check All That Apply: Percent of firms in each category Source: 2017 AMCC Cybersecurity Survey

Q18: Does Your Firm Require Employee Passwords of at Least 8 Characters? Percent of firms in each year *Due to a different wording of the question in 2016, the option of “Consider” is not applicable. Source: 2017 AMCC Cybersecurity Survey

Q18: What Is the Minimum Password Length Your Firm Requires for Non-Admin Accounts? Percent of firms in each category Source: 2017 AMCC Cybersecurity Survey

Q19: Does Your Firm Require Employee Passwords Longer Than 8 Characters? Percent of firms in each category *Due to a different wording of the question in 2016, the option of “Consider” is not applicable. Source: 2017 AMCC Cybersecurity Survey

Q19: What Is the Minimum Password Length Your Firm Requires for Administrative Accounts? Percent of firms in each category *Due to a different wording of the question in 2016, the option of “Consider” is not applicable. Source: 2017 AMCC Cybersecurity Survey

Q20: Does Your Firm Require Employees to Select Complex (Alpha + Numeric + Special Character) Passwords? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q21: How Often Does Your Firm Require Employees to Change Passwords? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q22: Has Your Firm Implemented the New NIST Password Standard (NIST Series)? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q23: Does Your Firm Require Dual-Factor Authentication (Single Factor Plus Software or Hardware Token Code or Smart Code) for All Employee Logins? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q24: Does Your Firm Require Dual-Factor Authentication for Employee Remote Login? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q25: Does Your Firm Require Multi-Factor Authentication for Administrative Access Where Feasible, Even When Accessing Internally? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q26: Does Your Firm Require Multi-Factor Authentication for Clients? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q27: Does Your Firm Offer Two-Step Authentication (Single Factor Plus a Code Sent to User Out-of-Band) for Shareholders/Investors? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q28: Does Your Firm Use Risk-Based Authentication for Shareholders/Investors? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q29: Does Your Firm Use Third-Party Services for Identity Proofing? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q30: Does Your Firm Prohibit Employees the Ability to Install Desktop Software Themselves? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q31: Does Your Firm Control Data Storage on USB Devices for Employees? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q32: Does Your Firm Use Personal Firewalls on Desktops? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q33: Does Your Firm Use Personal Firewalls on Laptops? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q34: Does Your Firm Encrypt Laptop Hard Drives? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q35: Does Your Firm Use Host Intrusion Prevention on Desktops? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q36: Does Your Firm Use Host Intrusion Detection on Desktops? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q37: Does Your Firm Use Intrusion Detection at Your Internet Connection? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q38: Does Your Firm Use Intrusion Detection at Your Gateway? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q39: Does Your Firm Use Internal Anomaly Detection Systems to Detect Malicious Internal Activity? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q40: Does Your Firm Enforce the Use of TLS for Internet Facing Communications? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q41: Does Your Firm Use Next Generation Firewall Technology? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q42: Does Your Firm Use a Network Access Control System? Percent of firms in each 2017 Source: 2017 AMCC Cybersecurity Survey

Q43: Does Your Firm Use a Proxy Capability? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q44: Has Your Firm Modeled Its Program Against a Security Framework? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q45: Does Your Firm Conduct Periodic Risk Assessments to Identify Cybersecurity Threats, Vulnerabilities, and Potential Business Consequences? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q46: If You Answered Yes to Your Firm Conducting Periodic Risk Assessments to Identify Cybersecurity Threats, Vulnerabilities, and Potential Business Consequences, What Type of Assessment(s) Were Conducted? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q47: If You Answered Yes to Your Firm Conducting Periodic Risk Assessments to Identify Cybersecurity Threats, Vulnerabilities, and Potential Business Consequences, How Frequent Are the Assessments? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q48: Does Your Firm Require All Employees to Undergo Information Security Training? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q49: If You Answered YES or YES FOR SOME EMPLOYEES to Your Firm Requiring Employees to Undergo Information Security Training, How Frequent Is the Training? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q50: Does Your Firm Conduct Fake Phishing Tests to Test Employee Awareness of Phishing? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q51: Does Your Firm Require All Employees to Sign an Annual Affirmation That They Have Read and Understand the Firm’s Information Security Policy? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q52: Does Your Firm Allow the Use of Cloud Based File Sharing Applications? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q52: Does Your Firm Allow the Use of Cloud Based File Sharing Applications? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q53: Does Your Firm Require Employees to Take a “Clean” Device(s) When Travelling Abroad? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q54: Does Your Firm Require Employees to Take a “Clean + Hardened” Device(s) When Travelling Abroad? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q55: Does Your Firm Conduct a Periodic Inventory of All Physical Devices, Software, and Applications? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q56: Does Your Firm Have a “Bring Your Own Device” Policy? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q57: If You Answered Yes to Your Firm Having a “Bring Your Own Device” Policy, Who In the Organization Is Included in Formulating Policy (Check All That Apply)? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q58: Does Your Firm Manage Access to Employee Owned Devices? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q59: Does Your Firm Conduct Periodic Table Top Exercises to Prepare Staff Responding to a Cyber Event? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q60: If You Answered Yes to 59, How Frequent Are Table Top Exercises Conducted? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q61: Does Your Firm Have a Detailed Written Incident Response Plan? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q62: Does Your Firm Have a Clear Escalation Procedure for Reporting Cyber Events? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q63: Is Your Firm a Member of FS-ISAC? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q64: Does Your Firm Have Cyber Insurance? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q65: If You Answered Yes to 64, What Is the Approximate Amount of Coverage? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q66: Does Your Firm Prohibit Personal Access (e.g. Gmail, Yahoo!, Etc.)? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q67: Does Your Firm Prohibit Access to Social Media Platforms? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q68: If You Answered Yes Or Yes for Some Staff to Your Firm Prohibiting Access to Social Media Platforms, Which Platforms Are Prohibited? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q69: If You Answered No, No But Considering, or Yes for Some Staff to Your Firm Prohibiting Access to Social Media Platforms, Does Your Firm Have a Policy Restricting What May Be Posted? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q70: Does Your Firm Maintain an Environment for Testing and Development for Software and Applications That Is Separate From Its Business Environment? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q71: Does Your Firm Require Cybersecurity Risk Assessments of Third-Party Service Providers with Access to the Firm’s Networks, Customer Data, and Other Sensitive Information? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q72: Does Your Firm Deploy Any Metrics to Assess the Effectiveness of Its IT Security? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q73: Does Your Firm Air Gap Backups? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q74: Please Indicate All IT Functions That Your Firm Outsources Percent of firms in 2015 Source: 2017 AMCC Cybersecurity Survey

Q75: Does Your Firm Encrypt Offsite Backup Media Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q76: Does Your Firm Encrypt Mobile Devices Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q77: Does Your Firm Encrypt Internal File Shares Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q78: Does Your Firm Encrypt External File Shares (E.G. Cloud) Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q79: Does Your Firm Encrypt Internal Databases Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q80: Does Your Firm Use a Storage Service Provider? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q81: If You Answered Yes to Your Firm Using a Storage Service Provider, Does the SSP Encrypt Your Data? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q82: Does Your Firm Utilize Digital Rights Management for Document Protection? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q83: Does Your Firm Encrypt ? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q84: Does Your Firm Encrypt Internal Data in Motion? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q85: Does Your Firm Encrypt Data at Rest? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q86: For Outsourced Data Management That Includes Key Management, Who Manages the Keys? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q87: Does Your Firm Use a Password Vault/One Time Password for Administrative Access? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q88: Does Your Firm Require Multi-Factor Authentication to Elevate Privilege? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q89: Does Your Firm Monitor Administrative Access at the Key Stroke Level? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q90: Does Your Firm Require Administrators to Attend Special Cybersecurity Access Training? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q91: Does Your Firm Allow Employees to Have Administrative Access on Their Laptops? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q92: Does Your Firm Collect and Store Retail Shareholder Data? Percent of firms in each year Source: 2017 AMCC Cybersecurity Survey

Q93: Please Indicate the Level of Concern of Each of the Following Categories of Data for Your Firm (1=highest, 6=lowest) Percent of firms in 2015 Source: 2017 AMCC Cybersecurity Survey

Q94: Which of the Following Pieces of Information Do You Prepare for Board of Directors? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q95: Which Countries Cybersecurity Guidelines or Standards Impact the Security Program of Your Firm? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Q96: Which Agencies Currently Regulate Your Organization? Percent of firms in 2017 Source: 2017 AMCC Cybersecurity Survey

Contact Peter G. Salmon Senior Director Operations & Technology ICI Global 1401 H Street, NW Washington, DC 20005 Source: 2017 AMCC Cybersecurity Survey

DETAILED Global CYBERSECURITY SURVEY Summary RESULTS

Similar presentations

Presentation on theme: "DETAILED Global CYBERSECURITY SURVEY Summary RESULTS"— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

DETAILED Global CYBERSECURITY SURVEY Summary RESULTS

Similar presentations

Presentation on theme: "DETAILED Global CYBERSECURITY SURVEY Summary RESULTS"— Presentation transcript:

Similar presentations

About project

Feedback