Sixty-three percent of U.S. organizations responding to CompTIA’s 8th Annual Global Security Trends Study say that they have experienced at least one security incident or breach during the past year. Among those who had a security incident, 45 percent classified the situation as serious – meaning there was a financial threat, potential damage to the organization’s reputation or other serious issue.
More than 250 information technology and business executives directly involved in setting or executing information security policies and processes within their own organization responded to the U.S. portion of the web-based survey in July 2010.
Final results of the study will be released next week. I am reaching out to you to see if you would be interested in receiving the full report prior to the release, and in speaking with CompTIA VP of Research Tim Herbert, so that you can write a story in conjunction with the release of the data.
Some of the other key findings from the report:
- 55 percent of organizations have a written cybersecurity policy
- Human error is the perceived cause for 59 percent of security incidents; 41 percent are perceived as technology errors
o The element of human error that most contributes to security breaches: Failure of end users to comply with security policies – 49 percent
- 49 percent of those surveyed rate security as an upper level IT priority, compared to 35 percent in 2008
- About one-third of organizations require end-user security training, which is more prevalent among organizations with larger staff sizes, higher revenues and formal security policies
The results from CompTIA’s 8th Annual Global Security Trends study are set to be released November 18.