Main variables;Total
H.1 % of enterprises that apply some ICT security measure (0);58,7
H.1.A % of enterprises that apply strong password authentication as an ICT security measure (1);85,21
H.1.B % of enterprises that apply authentication using biometric methods as an ICT security measure (1);21,56
H.1.C % of enterprises applying authentication based on a combination of at least two authentication mechanisms as an ICT security measure (1);23,44
H.1.D % of enterprises that apply encryption of data, documents or emails as an ICT security measure (1);26,53
H.1.E % of enterprises that apply data backup in a separate location as an ICT security measure (1);72,47
H.1.F % of enterprises applying network access control as an ICT security measure (1);35,34
H.1.G % of enterprises applying VPN as an ICT security measure (1);18,25
H.1.H % of enterprises that apply an ICT security monitoring system that allows suspicious activity to be detected as an ICT security measure (1);15,21
H.1.I % of enterprises that implement log file maintenance that allows analysis after ICT security incidents as an ICT security measure (1);12,54
H.1.J % of enterprises that implement an ICT risk assessment as an ICT security measure (1);9,54
H.1.K % of enterprises that perform ICT security testing as an ICT security measure (1);11,15
H.2 % of enterprises that make their employees aware of their ICT security obligations (1);38,47
H.2.A % of enterprises offering voluntary training or providing internally available information to make their employees aware of their ICT security obligations (2);79,28
H.2.B % of enterprises that require mandatory training courses or viewing of material for their employees to make them aware of their ICT security obligations (2);34,31
H.2.C % of enterprises that contractually make their employees aware of their ICT security obligations (2);25,63
H.3 % of enterprises that have documents on ICT security measures, practices or procedures (0);8,05
H.4.A % of enterprises that defined or carried out the latest review of their documents on ICT security measures, practices or procedures in the last 12 months (3);66,04
H.4.B % of enterprises that defined or last reviewed their documents on ICT security measures, practices or procedures more than 12 months ago and up to 24 months ago (3);21,23
H.4.C % of enterprises that defined or carried out the latest review of their documents on ICT security measures, practices or procedures more than 24 months ago (3);12,73
H.5 % of enterprises that have experienced an ICT security incident (0);4,57
H.5.A % of enterprises that, after experiencing an ICT security incident, suffered a resulting lack of availability of ICT services due to hardware or software failures (4);67,04
H.5.B % of enterprises that, after experiencing an ICT security incident, suffered a resulting lack of availability of ICT services due to an attack from outside (4);18,85
H.5.C % of enterprises that, after experiencing an ICT security incident, this resulted in the destruction or corruption of data due to hardware or software failures (4);28,79
H.5.D % of enterprises that, after experiencing an ICT security incident, this resulted in the destruction or corruption of data due to malware infection or unauthorised intrusion (4);13
H.5.E % of enterprises that, after experiencing an ICT security incident, this resulted in the disclosure of confidential data due to intrusions, pharming, phishing or intentional actions of the employees themselves (4);8,94
H.5.F % of enterprises that, after experiencing an ICT security incident, this resulted in the disclosure of confidential data due to the involuntary actions of the employees themselves (4);5,12