How often does your organization conduct vulnerability and risk assessments?

Threat & Vulnerability ManagementGovernance, Risk & Compliance

Quarterly30%

Twice per year45%

Annually15%

Vulnerability and risk assessments are ongoing activities.8%

495 PARTICIPANTS
3.8k viewscircle icon1 Upvote

Content you might like

What models are in place for risk partners based in Line 2? What are the jobs to be done? How do they operate? What does the structure/operating rythms look like?

Read More Comments

Do you have a vulnerability disclosure policy?

Yes32%

We’re developing one45%

We’re considering it12%

No8%

Unsure1%

View Results

As organizations deploy LLMs and other AI systems, how do you recommend security teams address risks such as data leakage, prompt injection and adversarial manipulation? What frameworks or practices should be prioritized to make AI security programs resilient from day one?

With Gartner highlighting the urgency of post-quantum cryptography (PQC), I would like to know if there are other members of the group already involved in the discussion or in the planning to face the threat of attacks like 'harvest-now, decrypt-later'?