BUSINESS TECHNOLOGY MEDIA COMPANY
Companies
Sectors
Surveys
Please specify your role in the organisation
Executive management (C-level )
34 %
Middle management (line management)
26.5 %
IT staff (all other non-management IT positions)
24.1 %
Consultant
15.4 %
Sample: 324
How many people does your company employ?
Fewer than 50
44.9 %
1 000-4 999
12.6 %
10 000 or more
9.8 %
200-499
8 %
5 000-9 999
8 %
500-990
6.8 %
50-99
6.5 %
100-199
3.4 %
Sample: 325
How many people report to you?
Fewer than 10
82.5 %
11-49
15.7 %
50-99
0.9 %
1 000 or more
0.6 %
100-199
0.3 %
200-499
0 %
500-999
0 %
Sample: 325
In which industry does your company operate?
Information Technology
42.8 %
Finance / Banking / Insurance / Accounting
16 %
Business services / Consulting (non ICT related)
5.8 %
Government
5.5 %
Telecommunications / Cellular providers
4.9 %
Advertising / Marketing / Public Relations
3.4 %
Media / TV / Print / Online
3.4 %
Retail / Wholesale
3.1 %
Manufacturing (non IT related)
2.5 %
Parastatals / Utilities
2.5 %
Non-government / non-profit
2.2 %
Agriculture
1.8 %
Construction / Architecture / Engineering
1.8 %
Travel / Tourism
1.2 %
Legal / Real Estate
0.9 %
Transport
0.9 %
Medical / Dental / Healthcare / Pharmaceutical
0.6 %
Mining / Petrochemical
0.6 %
Sample: 325
1. Please rank your top 5 cyber security challenges you need to solve. (Where 5 is high and 1 is low)
Ability to detect and respond effectively to incidents given the evolving threat landscape.
3.6 point
Gain visibility of the attack surface across both networking and security infrastructure.
3.5 point
Improve operational processes and automate routine tasks due to resource constraints.
3.3 point
Too many disparate sets of data to analyse effectively.
3 point
Effectively closing vulnerabilities across hybrid/multi-cloud networks.
3.3 point
Sample: 279
2. Does your organisation have a complex, hybrid network infrastructure that comprises any of the following? (Select applicable)
Public cloud networks (AWS, Azure, GCP)
58.3 %
SaaS applications (Box, Office365, etc)
55.6 %
Private cloud
47.4 %
Multi-cloud (more than one public cloud network)
30.1 %
Serverless functions
18 %
Microservices
17.3 %
Containers
16.2 %
More than 15 security and network vendor technologies
15 %
OT/ICS network
10.9 %
Sample: 266
3. Does your organisation need to comply with any of the following standards/regulation frameworks? (Select all applicable)
POPI/GDPR
71.7 %
ISO27001
56.5 %
NIST
19.3 %
PCI-DSS
16.1 %
HIPAA
11.7 %
FIPS
10.3 %
STIG
6.7 %
NERC
5.4 %
Sample: 223
4. Do you have adequate auditing and reporting mechanisms in place to meet compliance requirements?
Yes
55.2 %
Unsure
28.2 %
No
16.6 %
Sample: 277
5. Does your organisation have a way to maintain an accurate inventory of your assets across the network on a continuous basis?
Yes
66.7 %
No
19.6 %
Unsure
13.8 %
Sample: 276
6. Do you have enough data to analyse and measure your risk exposure adequately?
Yes
51.1 %
No
24.6 %
Unsure
24.3 %
Sample: 268
7. Do you believe your organisation has a mature change management process, that enables you to validate rule changes and potential vulnerability exposure before rules are implemented?
Yes
56.7 %
No
28.7 %
Unsure
14.6 %
Sample: 268
8. Do you have effective tools in place that enable proactive rule life cycle management and automated re-certification of your rule sets?
Yes
40.4 %
No
36.2 %
Unsure
23.4 %
Sample: 265
9. Do you run daily or weekly security configuration checks among your network infrastructure devices to make sure they are hardened and follow the vendor security best practices?
Yes
52.8 %
No
33.7 %
Unsure
13.5 %
Sample: 267
10. Do you have a single view of all your assets, vulnerability and security weakness and various network infrastructure (on-prem/cloud)?
Yes
40.3 %
No
39.9 %
Unsure
19.8 %
Sample: 268
11. Do you have a way to maintain visibility of risks and compliance as you transition services to a cloud based infrastructure?
Yes
49.8 %
No
30.9 %
Unsure
19.2 %
Sample: 265
12. Are you inundated with vulnerability data and struggling to prioritise?
No
51.3 %
Yes
25.7 %
Unsure
23 %
Sample: 265
13. Do you leverage EDR (endpoint, detect and respond) technologies?
Yes
47.3 %
No
30.9 %
Unsure
21.8 %
Sample: 262
14. Do you have a cyber investment programme running or planned?
No
43.1 %
Yes
40.1 %
Unsure
16.8 %
Sample: 262
15. Do you want a single pane view of your IT and OT attack surface?
Yes
56.6 %
Not applicable
29.1 %
No
14.3 %
Sample: 265