Do you ask for Cyber Essentials (CE) and/or a CE Plus certification when choosing a supplier for your organization?

Leadership Talent Management & Performance

Yes, we require both.21%

Yes, but only the Cyber Essentials.50%

We ask for neither.19%

We will consider asking for one/both in the future.8%

192 PARTICIPANTS

1.9k views2 Upvotes1 Comment

Sort by:

CTO in Software4 years ago

We are using a combination of Questionnaire and Vendor Risk Management platform. We are more oriented towards ISO, SOC, and in the near future CMMC.

Content you might like

How does your organization handle security team involvement in change requests submitted to CAB/RAB — specifically in relation to formal security review and approval?

Always required – Security must formally review and approve every change request.8%

Required for security-impacting changes – Security reviews only changes flagged as having potential security implications. Please comment : Who decides which changes require security review and which do not ? Is this determination manual or automated? How do you avoid gaps or oversights in this process ?84%

Not required – Security does not review changes submitted CAB/RAB by other teams. 8%

Risk-based or automated – Security involvement is determined by a tiered model or automated risk scoring within ITSM.

View Results

How are you collaborating with other business leaders to ensure IT strategy remains aligned during periods of rapid change? Can you share examples of cross-functional planning approaches that have been effective?

What is a "must have" meeting for you or your team? If you can please share why/what makes it so great - topic, frequency, etc. - I'm looking to brainstorm some fresh opportunities for my group.

How often do you survey your organization for new, emerging risks? My company currently does quarterly surveys and I am contemplating dropping it down to 2x/year. Appreciate the insights!

What is your biggest talent development priority over the next year?

Recruiting and hiring new full-time employees17%

Expanding relationships with IT staffing firms to meet immediate needs37%

Upskilling or reskilling employees for new roles31%

Improving internal processes to manage a remote or hybrid workforce11%

Other (please specify in comments)3%

View Results

Do you ask for Cyber Essentials (CE) and/or a CE Plus certification when choosing a supplier for your organization?

Sort by:

Content you might like

How does your organization handle security team involvement in change requests submitted to CAB/RAB — specifically in relation to formal security review and approval?

How are you collaborating with other business leaders to ensure IT strategy remains aligned during periods of rapid change? Can you share examples of cross-functional planning approaches that have been effective?

What is a "must have" meeting for you or your team? If you can please share why/what makes it so great - topic, frequency, etc. - I'm looking to brainstorm some fresh opportunities for my group.

How often do you survey your organization for new, emerging risks? My company currently does quarterly surveys and I am contemplating dropping it down to 2x/year. Appreciate the insights!

What is your biggest talent development priority over the next year?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

2024 HR Priorities and Challenges: Insights from the Field

2024 Sales Priorities and Goals

2024 IT Priorities and Challenges: Insights from the Field

2023: The State of Product-Led Sales

Take Your Insights On-the-Go