Do you currently report metrics on insider risk mitigation to your board or executive team?

Risk ManagementKPIs, Metrics & Reporting

Yes - board only12%

Yes - executive team only28%

Yes - both board and executive team32%

No18%

Not yet, but we’re considering it10%

Unsure/other

60 PARTICIPANTS
202 viewscircle icon1 Comment
Sort by:
VP IMIT & CIO6 months ago

We report vulnerabilities, unauthorized cloud services, mandatory information security and privacy training completion rates, and other compliance issues, e.g., data security. Given the emerging dynamic threat landscape, we are constantly considering additional metrics and awareness campaigns.

Content you might like

Is your organization using encryption extensively?

Yes85%

No14%

What’s your “hot take” when it comes to security questionnaires?

Read More Comments

How do you measure the effectiveness of your zero-trust model? What metrics/indicators have been most useful?

Do you have data that allows you to objectively measure your team’s effectiveness as well as any positive impacts? What data do you currently rely on?

Read More Comments

Are you confident your org is tracking/reporting the right cyber metrics?

Completely confident (we’re tracking all necessary metrics)8%

Very confident (only minor improvements needed)76%

Mostly confident (some gaps to be addressed)11%

Sort of confident (significant room for improvement)4%

Not confident (major changes required)

View Results