Where is your biggest concern when it comes to potential ransomware intrusion?

Risk ManagementThreat & Vulnerability ManagementSecurity & GRC+9 more

Collaboration apps (MS Teams, Zoom, Slack, etc.)48%

Social media (LinkedIn, Facebook, etc.)42%

Mobile chat (WhatsApp, WeChat, etc.)10%


268 PARTICIPANTS
1.8k views3 Upvotes4 Comments
Director of Technology Strategy in Services (non-Government), 2 - 10 employees
D) staff and their level of understanding.

None of those channels are a risk in their own right, what concerns me is people clicking on links or downloads from unknown sources.

They can be delivered through ay channel.
3
Director in Manufacturing, 1,001 - 5,000 employees
Do you consider email a collaboration application

That has continued to be our problem
4 1 Reply
Director of Technology Strategy in Services (non-Government), 2 - 10 employees

I would say so. It carries the same risk as Colab tools in that malicious links and/or files can be shared through it.

3
Director of IT in Software, Self-employed
I'm more into social media because social media contains things I have no control over, unlike collaboration apps that can be done with companies that enforce strong password policies, train employees on how to recognize and avoid phishing attacks and keep all devices up to date software and applications with the latest security patches. And for mobile chat, maybe most of it is used for personal interests, for work, and connected to office systems, the contents of the message will be monitored more closely. That's my thought.

Content you might like

Has your organization been hit by ransomware in the last 6 months?

Governance, Risk & ComplianceSecurity & GRCRisk Management+4 more

Yes28%

No, but we expect to be hit in the future.48%

No, and we don't expect to be hit by ransomware in the future.24%


241 PARTICIPANTS
2.2k views1 Upvote2 Comments

Does anyone have any guidance, tips, and/or templates to share to help establish Identity Access Management governance as a part of an overarching Identity Governance and Administration program?

Process ManagementIdentity & Access Management (IAM)
2.1k views2 Upvotes1 Comment

How can you design your org’s security policies to more effectively drive awareness?

Security Strategy & RoadmapAwareness & TrainingRisk Management
Read More Comments
605 views2 Comments

Would anyone be willing to share best practices about how their organization deals with ensuring Cookie Compliance, specifically to GDPR rules? Where should this sort of compliance review sit in an organization? The particular issue we have is who should review new web deployments that use cookies and to make the decisions on whether Cookies are Strictly Necessary or Functionality Cookies. For example is a Cookie required for a Live Chat to work Functionality or Strictly Necessary? Our Security team does not consider taking on these compliance reviews as their domain, as Cookie Compliance is not an internal security matter and the Data Protection team has a limited interest as the GDPR rules around Cookies apply in case of any Cookie being used by a website, whether or not it contains personal data. 

Security & GRCRegulatory Compliance
627 views1 Comment

What is the percentage of your technology budget compared to annual revenue?

Financial Management

Less than 1%9%

1 - 3%49%

3 - 5%24%

5 - 7%7%

More than 7%11%


227 PARTICIPANTS
3.6k views1 Comment