Why does your organization perform penetration tests?

Vulnerability management program support25%

Measuring security posture51%

Compliance or external mandates16%

Red-Purple-Blue teaming exercises3%

Other (please share in comments below)4%

218 PARTICIPANTS

7.7k views1 Comment

Senior Director Engineering in Travel and Hospitality, 10,001+ employees

Combination of a few in the options

Content you might like

Which of the following areas are you planning to make the biggest changes to within your governance and risk program in 2022?

Governance, Risk & Compliance Security & GRC Risk Management

Continuous Monitoring51%

Staff Well Being57%

ESG & Sustainability45%

Service Provider Location Risk14%

Other (share below)2%

537 PARTICIPANTS

2.4k views1 Upvote4 Comments

Would anyone be willing to share best practices about how their organization deals with ensuring Cookie Compliance, specifically to GDPR rules? Where should this sort of compliance review sit in an organization? The particular issue we have is who should review new web deployments that use cookies and to make the decisions on whether Cookies are Strictly Necessary or Functionality Cookies. For example is a Cookie required for a Live Chat to work Functionality or Strictly Necessary? Our Security team does not consider taking on these compliance reviews as their domain, as Cookie Compliance is not an internal security matter and the Data Protection team has a limited interest as the GDPR rules around Cookies apply in case of any Cookie being used by a website, whether or not it contains personal data.

Security & GRC Regulatory Compliance

Head of Cyber Security in Manufacturing, 501 - 1,000 employees

I would say, DPO and Security team both shall be involved and work hand in hand.

Most of the time the legals and or DPO don't have the technical acumen to understand when data is floating to third party services.

Lets ...read more

602 views1 Comment

Is there a disconnect between security leaders and the businesses they serve?

Security & GRC Board Engagement Internal CXO Relationships

Yes, most security leaders.25%

Yes, some security leaders.63%

No8%

Not sure2%

373 PARTICIPANTS

1k views1 Comment

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & Leadership Strategy & Architecture Cloud +57 more

CTO in Software, 201 - 500 employees

Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.

Read More Comments

47k views133 Upvotes324 Comments

Does the risk of Ransomware and malware propagation bother you? Is IoT security a top of mind for you? To protect against many risks, we have witnessed success of micro-segmentation in the data center. Would you be willing to deploy similar solution for the campus? I am very curious to get your feedback?

Security & GRC Threat & Vulnerability Management

ISSO and Director of the IRU in Healthcare and Biotech, 10,001+ employees

I would definitely suggest this based of how you categorize your types of data/systems and information being stored in certain parts of your data center. I think it’s really dependent on the size of your organization and ...read more

Read More Comments

3.4k views5 Upvotes5 Comments