Do you currently report metrics on insider risk mitigation to your board or executive team?

Risk ManagementKPIs, Metrics & Reporting

Yes - board only12%

Yes - executive team only28%

Yes - both board and executive team32%

No18%

Not yet, but we’re considering it10%

Unsure/other

60 PARTICIPANTS
203 viewscircle icon1 Comment
Sort by:
VP IMIT & CIO6 months ago

We report vulnerabilities, unauthorized cloud services, mandatory information security and privacy training completion rates, and other compliance issues, e.g., data security. Given the emerging dynamic threat landscape, we are constantly considering additional metrics and awareness campaigns.

Content you might like

What can organizations do to mitigate risks from Windows 10 devices that can’t be upgraded to Windows 11, like industrial control systems (ICS)?

As a security professional, do you currently feel as though you have a place with your executive team/board as a business advisor?

Yes48%

Yes, but not as much as I'd like39%

No10%

No, but I'm expecting that to change2%

View Results

What’s your “hot take” when it comes to security questionnaires?

Read More Comments

How do you measure the effectiveness of your zero-trust model? What metrics/indicators have been most useful?

Who has been the best recent-acquirer in cybersecurity? Details and feedback in comments...

Cisco (Duo)15%

Palo Alto (Aporeto, Twistlock, CloudGenix)28%

VMware (Carbon Black)25%

Broadcom (Symantec)10%

Zoom (Keybase)8%

NTT (WhiteHat)5%

F5 Networks (Shape Security)3%

Sumo Logic (JASK)1%

OTHER - share in comments1%

View Results