Cybersecurity, Data Privacy Top Concerns for Enterprises

June 19, 2019

Cybersecurity and data privacy captured the two top spots in respondents’ list of E&C concerns, according to the 2019 Definitive Corporate Compliance Benchmark Report.

Data security and privacy breaches have become a daily worry for most organizations and research shows that most organizations have poor cybersecurity defenses and abundant amounts of unprotected data, making them easy targets for attacks and data loss.

But, only two thirds of organizations are managing policies and conducting training in cyber security, data privacy and confidential information, likely due to flat budgets. Additionally, many organizations believe their board members are not a source of risk for cybersecurity issues and that they understand the problem well enough to avoid missteps.

Other key findings include:

Less than half of respondents (46 percent) have implemented third party due diligence programs.
Organizations are struggling to address issues that have dominated news cycles in recent years, including: harassment, bribery/corruption, data privacy/security and conflicts of interest. Though #MeToo is arguably the most forceful movement to hit the workforce in recent history, 48 percent of respondents said their organization has made no changes as a result.
Only 71 percent of respondents overall and 91 percent of advanced programs offered an anonymous reporting channel – something every organization should have at this point in the evolution of E&C programs.
Technology use is less common in small organizations’ programs and those at the low end of program maturity. However, it is one of the key drivers of a successful program. Overall, 85 percent of respondents currently use one or more automated solutions in their programs. Those that use up to five of these solutions demonstrate better prevention of violations and more program accomplishments as they add each automated solution.
Regarding policy and procedure management, 85 percent of respondents said a “centralized repository with easy access to the most current versions” was valuable or very valuable. More than three out of four (78 percent) rated “improved version control, reduced redundancy or increased accuracy of policies” just as valuable.
Budget and allocated resources are largely flat for most E&C programs, though one in five expects some modest budget increases. A third of organizations have a budget less than $50,000, and half have four or fewer FTEs dedicated to E&C.
Third-party risk management solutions lag in perceived value and implementation. E&C programs are depending mostly on proven, core program elements policies, codes of conduct, training and internal reporting systems – to help manage these risks.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 December

This month, Security magazine brings you the 2020 Guarding Report - a look at the ebbs and flows security officers and guarding companies have weathered in 2020, including protests, riots, the election, a pandemic and much more. Industry experts discuss access management and security challenges during COVID-19, GSOC complacency, the cybersecurity gap, end-of-year security career reflections and more!

View More Create Account

Cybersecurity, Data Privacy Top Concerns for Enterprises

Related Articles

Related Products

Related Events

Report Abusive Comment