How often does your organization conduct vulnerability and risk assessments?

Threat & Vulnerability Management Governance, Risk & Compliance Risk Management

Quarterly31%

Twice per year42%

Annually15%

Vulnerability and risk assessments are ongoing activities.11%

460 PARTICIPANTS

2.4k views1 Upvote1 Comment

Director, Information Security in Education, 1,001 - 5,000 employees

Risk assessments are done annually (and usually by 2 or 3 differing parties) and vulnerability assessment is ongoing, with monthly scheduled scans and unscheduled scans on a basis of emerging risks.

Content you might like

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & Leadership Strategy & Architecture Cloud +57 more

CTO in Software, 201 - 500 employees

Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.

Read More Comments

40.7k views131 Upvotes319 Comments

Are you planning to improve endpoint security in the next 12 months with any of these additional capabilities?

Security & GRC Threat & Vulnerability Management Identity & Access Management (IAM)+8 more

Patch management: to reduce attack surface and avoid system misconfigurations39%

Malware and ransomware prevention: to protect endpoints from social engineering attacks59%

Malware and fileless malware detection and response: to protect against malicious software49%

Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls33%

Not planning to change endpoint security strategy9%

182 PARTICIPANTS

343 views

Do you personally opt out of sharing data with your mobile service provider?

Data Privacy Risk Management Culture & Values

Yes — always.37%

No, I don't mind sharing my data49%

Not yet, but I might opt out soon9%

Don’t know — I need to check!4%

159 PARTICIPANTS

444 views

Does the risk of Ransomware and malware propagation bother you? Is IoT security a top of mind for you? To protect against many risks, we have witnessed success of micro-segmentation in the data center. Would you be willing to deploy similar solution for the campus? I am very curious to get your feedback?

Security & GRC Threat & Vulnerability Management

ISSO and Director of the IRU in Healthcare and Biotech, 10,001+ employees

I would definitely suggest this based of how you categorize your types of data/systems and information being stored in certain parts of your data center. I think it’s really dependent on the size of your organization and ...read more

Read More Comments

2.6k views5 Upvotes5 Comments

Where do HR and other non-security/IT departments fit into your insider risk management strategy/program? What role do they currently play?

Security & GRC Risk Management Threat & Vulnerability Management +1 more

CISO in Software, 10,001+ employees

It is challenging, but sometimes very important for HR to work with IT and Security for scenarios where employees will be laid off, etc. as those people are often higher risk for performing unauthorized or malicious acti...read more

Read More Comments

4.2k views1 Upvote7 Comments