Cybersecurity, Data Privacy Top Concerns for Enterprises

June 19, 2019

Cybersecurity and data privacy captured the two top spots in respondents’ list of E&C concerns, according to the 2019 Definitive Corporate Compliance Benchmark Report.

Data security and privacy breaches have become a daily worry for most organizations and research shows that most organizations have poor cybersecurity defenses and abundant amounts of unprotected data, making them easy targets for attacks and data loss.

But, only two thirds of organizations are managing policies and conducting training in cyber security, data privacy and confidential information, likely due to flat budgets. Additionally, many organizations believe their board members are not a source of risk for cybersecurity issues and that they understand the problem well enough to avoid missteps.

Other key findings include:

Less than half of respondents (46 percent) have implemented third party due diligence programs.
Organizations are struggling to address issues that have dominated news cycles in recent years, including: harassment, bribery/corruption, data privacy/security and conflicts of interest. Though #MeToo is arguably the most forceful movement to hit the workforce in recent history, 48 percent of respondents said their organization has made no changes as a result.
Only 71 percent of respondents overall and 91 percent of advanced programs offered an anonymous reporting channel – something every organization should have at this point in the evolution of E&C programs.
Technology use is less common in small organizations’ programs and those at the low end of program maturity. However, it is one of the key drivers of a successful program. Overall, 85 percent of respondents currently use one or more automated solutions in their programs. Those that use up to five of these solutions demonstrate better prevention of violations and more program accomplishments as they add each automated solution.
Regarding policy and procedure management, 85 percent of respondents said a “centralized repository with easy access to the most current versions” was valuable or very valuable. More than three out of four (78 percent) rated “improved version control, reduced redundancy or increased accuracy of policies” just as valuable.
Budget and allocated resources are largely flat for most E&C programs, though one in five expects some modest budget increases. A third of organizations have a budget less than $50,000, and half have four or fewer FTEs dedicated to E&C.
Third-party risk management solutions lag in perceived value and implementation. E&C programs are depending mostly on proven, core program elements policies, codes of conduct, training and internal reporting systems – to help manage these risks.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

Cybersecurity, Data Privacy Top Concerns for Enterprises

Related Articles

Related Products

Related Events

Report Abusive Comment