Content, Content

Large U.S. Companies Formalize Cybersecurity Policies

Large U.S. companies are more likely to have a cybersecurity policy than other global organizations, according to a survey of 304 IT decision-makers at businesses with 500 or more employees conducted by market research and analysis firm Clutch.

Key findings from the Clutch survey included:

  • 94 percent of large businesses in the United States have a cybersecurity policy, and 87 percent of these companies created their policies at least three years ago.
  • Cybersecurity policies most commonly include required security software (84 percent), how to back up data (81 percent), how to detect scams (79 percent) and how to report security incidents (78 percent).
  • Communicating a cybersecurity policy to employees is the primary method of cybersecurity implementation for 85 percent of organizations. Meanwhile, 79 percent stated they monitor cybersecurity policy compliance, and 77 percent noted they teach employees how to follow their cybersecurity policy.

In addition, Clutch offered the following cybersecurity policy recommendations for organizations of all sizes:

  • Prioritize cybersecurity policy updates and communication. Organizations must update their cybersecurity policies regularly and effectively communicate all policy changes to employees.
  • Gamify a cybersecurity policy. Organizations can use gamification to ensure employee compliance with a cybersecurity policy. For example, an organization can use a phony "phishing" scam email to determine how well employees comply with a cybersecurity policy and reward employees who correctly identify the email as a phishing scam.
  • Balance enforcement and human resources. Organizations must find a balance that ensures employees can do their jobs without fearing oversight and understand the consequences associated with violating a cybersecurity policy.

Ultimately, reducing internal cyber threats can help organizations optimize the benefits of a cybersecurity policy, Clutch stated.

Are U.S. Large Businesses Investing in Cybersecurity Technology?

Many large businesses in the United States are prioritizing cybersecurity technology – something that could lead to new opportunities for MSSPs.

Seventy percent of U.S. large businesses said they plan to invest more in cybersecurity technology in the next year, according to the Clutch survey. Also, 33 percent of survey respondents said they believe investing in security software, secure mobile apps and other IT services will improve their cybersecurity policy.

"Investing in technology brings protection from external threats, reduced internal threats, ensures compliance with policy and brings peace-of-mind to large companies," Clutch said in a prepared statement.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.