Intelisecure Releases 2018 State of Critical Data Protection Report Revealing Significant Gaps in Cybersecurity Expertise, Execution

Findings Based on Groundbreaking Benchmark Survey of 318 Executives and Cybersecurity Professionals in the United States, Canada, and the United Kingdom

Critical data assets remain highly vulnerable due to significant gaps in cybersecurity expertise and execution, according to the 2018 State of Critical Data Protection Report findings released by InteliSecure.

Report findings were based on a groundbreaking benchmark survey of 318 executives and cybersecurity professionals in the United States, Canada and the United Kingdom conducted in mid 2018. Survey participants received a score on how well their organizations are managing the protection of critical data assets in three key categories:

• Identifying, organizing and directing the security of critical data assets
• Developing, applying and enforcing policies to protect critical data assets
• Implementing technical controls to safeguard critical data assets

Read More:  Ftc Seeks Expert Advice from Idx Ceo on Safely Introducing Real-World Ai

Key finding: While 75 percent of board directors are now holding C-Level executives (33% CEOs, 42% CIOs) accountable for protecting critical data assets, the Critical Data Protection benchmark survey reveals significant gaps in expertise and execution for most organizations.

Takeaway #1

Most organizations focus on compliance at the expense of protecting Intellectual Property (IP) and competitive advantages when identifying and securing data assets critical to their organizations. Simply put: Without first identifying IP and competitive advantages specific to your organization, you cannot properly protect your most critical data assets.

Takeaway #2

While most organizations recognize the importance of establishing a cybersecurity governance group, many face a lack of cybersecurity expertise among governance group members. This highlights a cybersecurity skills gap that many organizations appear to be addressing through the use of outside services. Other organizations fail to give adequate decision-making authority for implementing security controls to their governance groups.

Read More: AI is Revolutionizing Property Management to Make Your Job Easier

Takeaway #3

Most organizations have policies in place for how information can be shared, but many still do not define how data should be protected. Based on survey responses, most companies are not confident their data protection policies are very effective in securing their critical data assets.

Takeaway #4

Even though 90 percent of organizations surveyed have policies that define how sensitive data should be stored and protected on employee systems, they do not have a programmatic approach to maintaining those policies. Companies have similar challenges around incident response procedures that relate to mishandled critical data. Cybersecurity policy refinement and enforcement must be an ongoing business activity rather than a periodic problem to manage.

Takeaway #5

It appears that most organizations surveyed feel they are doing a good job at implementing technical controls to protect their critical data. However, technical spend alone cannot compensate for weaknesses in critical data asset identification and policy enforcement.

Read More: Interview with Joe Edwards, Executive Director, Tonic3 & W3