Do you currently report metrics on insider risk mitigation to your board or executive team?

Risk ManagementKPIs, Metrics & Reporting

Yes - board only12%

Yes - executive team only28%

Yes - both board and executive team32%

No18%

Not yet, but we’re considering it10%

Unsure/other

60 PARTICIPANTS
201 viewscircle icon1 Comment
Sort by:
VP IMIT & CIO5 months ago

We report vulnerabilities, unauthorized cloud services, mandatory information security and privacy training completion rates, and other compliance issues, e.g., data security. Given the emerging dynamic threat landscape, we are constantly considering additional metrics and awareness campaigns.

Content you might like

How do you measure the effectiveness of your zero-trust model? What metrics/indicators have been most useful?

What’s your “hot take” when it comes to security questionnaires?

Read More Comments

Which digital contract lifecycle management tool is your organization leveraging?

Agiloft7%

Conga23%

DocuSign CLM (SpringCM)38%

Apttus6%

Ironclad4%

Coupa (Exari)4%

Other (discuss below)16%

View Results

Do you have data that allows you to objectively measure your team’s effectiveness as well as any positive impacts? What data do you currently rely on?

Read More Comments

Has your org managed to reduce its cyber insurance premium over the past year? (If so, comment to explain how this was achieved if you can)

Yes74%

No18%

I don’t know5%

Org doesn’t currently have cyber insurance1%

View Results