Sample of the

Global State of Information

Security Survey 2015

Cybersecurity is
now a persistent
business risk

Businesses are failing to keep up with the

persistence, technical expertise or tactical
skillset of our adversaries
Sophisticated attackers will continue to
stay ahead of the mainstream defensive
technologies we deploy
Disruptive technologies will continue to
challenge security efforts
Demand for expertise - shortage of supply
Impact has extended to the C-suite and
the Boardroom

Source: Global State of Information Security Survey 2015, PwC, CIO magazine, CSO, September 2014

More competition for solutions = more confusion for buyers

Source: Global State of Information Security Survey 2015, PwC, CIO magazine, CSO, September 2014

Financial losses increase apace

The Center for Strategic and International Studies found difficulties in estimating
financial impact but estimated that the annual cost of cybercrime to the global
economy ranges from $375 billion to as much as $575 billion.
Impact from trade secret theft ranges from 1% to as much as 3% of a nations
GDP using the World Banks GDP estimate of $74.9 trillion in 2003, loss of
trade secrets may range from $749 billion to as high as $2.2 trillion annually
$5.9
Many losses go unreported or are poorly measured

million

$3.9
million

2013

$.65
million

2014

$.41
million

Small
(Revenues less than $100 million)

$1.0
million

$1.3
million

Medium
(Revenues $100 million-$1 billion)

Source: Global State of Information Security Survey 2015, PwC, CIO magazine, CSO, September 2014

Large
(Revenues more than $1 billion)

Domestic intelligence: a new source of concern

While the Edward Snowden affair
has turned attention to the NSA, its
also raised interest on the general
concerns outside the U.S. about
domestic surveillance by non-U.S.
government agencies.

Source: Global State of Information Security Survey 2015, PwC, CIO magazine, CSO, September 2014

Does the Board care? Sometimes

Board Involvement

At most organizations,
the Board of Directors
does not participate in
key information
security activities.

Despite the high-profile

security breaches in
the past year, the
Board of Directors is
often not involved in
critical initiatives such
as security strategy,
budget, and review of
risks.

42%

Overall security strategy

40%

Security budget

36%

Security policies

30%

Security technologies

Review of current security

and privacy risks

Review roles and responsibilities

of security organization

25%

20%

Source: Global State of Information Security Survey 2015, PwC, CIO magazine, CSO, September 2014

Driving security is the 3rd Platform The SMAC Stack

Social
Mobile

Analytics
Cloud
Source: IDC

Continue the conversation

To receive more information on CSOs audience, please contact:
Sue Yanovitch, VP / Marketing, IDG Enterprise syanovitch@cxo.com
To get results from additional IDG Enterprise research when it
happens, or any other news, follow us on Twitter: @IDGEnterprise

ADDITIONAL WAYS TO STAY ON TOP OF INFORMATION FROM IDG ENTERPRISE:

Sign up to receive our monthly marketing

newsletter at www.idgenterprise.com
Visit us on LinkedIn:
www.linkedin.com/company/idg-enterprise