When Asked, What Percentage of Staff Know if They Have an Infosec Policy?
Information Security is basic stuff. It's part of everything we do, or should be. So why were we not surprised when we asked people, knowledgeable people, who visit this site "
Do you have an Information Security Policy?" and we were given the results below?
We weren't surprised, but we were horrified.
The thing that stands out is that only 40% were clear that they have an Information Security Policy. We didn't dare ask those how many also included Data Privacy clauses to meet the various and increasing pieces of Data protection legislation spearheaded internationally by the European Community.
28% were sure they had no such policy. Horrifying certain that no such policy exists, they continue to trust their own data, and worse still their customers' data, to good luck and guesswork!
But add the 32% who just didn't know, and make no mistake a "Don;t Know" is not adhering to any sort of policy even if they have one, so they may as well not have one anyway, and you get 60% who either genuinely do not have, or effectively do not have, an Information Security policy.
We have a question for you. "If I can't trust you with my data, can I trust you with my money?"
Discuss This Article