Which of the following areas are you planning to make the biggest changes to within your governance and risk program in 2022?

Security & GRCGovernance, Risk & Compliance

Continuous Monitoring44%

Staff Well Being62%

ESG & Sustainability43%

Service Provider Location Risk14%

Other (share below)2%

561 PARTICIPANTS
3.8k viewscircle icon1 Upvotecircle icon4 Comments
Sort by:
Vice President Of Technology4 years ago

Cypto Marketing and Cyber Security

Associate VP - IT in Retail4 years ago

Process Automation and Cyber Security

Lightbulb on2
CIO4 years ago

Monitoring and Evaluation

Lightbulb on2
CIO4 years ago

Cyber security and Business Intelligence

Lightbulb on2

Content you might like

Our organization is subject to data retention requirements over very long periods (50 years or more). Do your organizations face similar constraints? If so, what long-term retention strategy have you implemented for these regulated data, and what technologies or solutions do you use to ensure their durability and compliance?

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.
Has anyone implemented a "not relevant" risk tier in their model?
This tier would apply to vendors posing genuinely negligible security risk.

To simplify your IT, do you expect all the security controls (CASB, ZTNA, SEG and SWG) delivered by the same vendor?

Yes, I am looking at consolidating multiple vendor solutions81%

No, I am fine with managing multiple vendors18%

How concerned are digital companies about the rise of sophisticated social engineering attacks?

Very concerned (Social engineering is a growing threat vector)15%

Somewhat concerned (Believe existing security measures are sufficient)65%

Moderately concerned (Have plans in place to address social engineering risks)19%

Not concerned (Believe employees are well-informed and vigilant)1%

View Results

How are you diversifying threat intelligence sources? Have you been able to reduce reliance on CISA for TI?