Main variables;Total G.1 % of enterprises that apply some ICT security measure;55,33 G.1.A % of enterprises with strong password authentication (1);86,08 G.1.B % of enterprises with biometric authentication (1);16,63 G.1.C % of enterprises with a combination of at least two authentication mechanisms (1);17,69 G.1.D % of enterprises with encryption techniques (1);23,03 G.1.E % of enterprises with data backup in a separate location (1);75,17 G.1.F % of enterprises with control of network access (1);36,12 G.1.G % of enterprises with a Virtual Private Network (1);16,45 G.1.H % of enterprises with an ICT security monitoring system;18,1 G.1.I % of enterprises that maintain log files to analyze security incidents (1);12,29 G.1.J % of enterprises with an ICT risk assessment (1);9,86 G.1.K % of enterprises with an ICT security test (1);12,36 G.2.A % of enterprises with voluntary ICT security training;15,92 G.2.B % of enterprises with obligations training on ICT security;5,38 G.2.C % of enterprises with ICT security obligations by contract;4,32 G.3 % of enterprises with ICT security documentation;7,43 G.4.A % of enterprises with ICT security documentation: reviewed within the last 12 months (2);65,36 G.4.B % of enterprises with ICT security documentation: reviewed between 12 and 24 months (2);23,79 G.4.C % of enterprises with ICT security documentation: reviewed more than 24 months ago (2);10,86 G.5 % of enterprises with a security incident;5,2 G.5.A % of enterprises by type of incident: ICT services unavailable due to hardware or software failure (3);74,02 G.5.B % of enterprises by type of incident: ICT services not available due to external attack (3);25,49 G.5.C % of enterprises by type of incident: Destruction or corruption of data due to hardware or software failure (3);38,41 G.5.D % of enterprises by type of incident: Destruction or corruption of data due to external attack(3);23,78 G.5.E % of enterprises by type of incident: Disclosure of confidential data due to external intrusions (3);10,41 G.5.F % of enterprises by type of incident: Disclosure of confidential data due the employees themselves (3);7,76 G.6.A % of enterprises whose ICT security is handled by the employees themselves;25,04 G.6.B % of enterprises whose ICT security is handled by external providers;26,33 G.7 % of enterprises that have insurance against ICT security incidents;5,6