Main variables	Total
G.1 % of enterprises that apply some ICT security measure	55,32
G.1.A % of enterprises with strong password authentication (1)	86,03
G.1.B % of enterprises with biometric authentication (1)	16,45
G.1.C % of enterprises with a combination of at least two authentication mechanisms (1)	17,71
G.1.D % of enterprises with encryption techniques (1)	23,4
G.1.E % of enterprises with data backup in a separate location (1)	75,64
G.1.F % of enterprises with control of network access (1)	37,22
G.1.G % of enterprises with a Virtual Private Network (1)	17,26
G.1.H % of enterprises with an ICT security monitoring system	18,41
G.1.I % of enterprises that maintain log files to analyze security incidents (1)	12,98
G.1.J % of enterprises with an ICT risk assessment (1)	10,34
G.1.K % of enterprises with an ICT security test (1)	12,77
G.2.A % of enterprises with voluntary ICT security training	15,99
G.2.B % of enterprises with obligations training on ICT security	5,51
G.2.C % of enterprises with ICT security obligations by contract	4,63
G.3 % of enterprises with ICT security documentation	7,42
G.4.A % of enterprises with ICT security documentation: reviewed within the last 12 months (2)	64,8
G.4.B % of enterprises with ICT security documentation: reviewed between 12 and 24 months (2)	24,17
G.4.C % of enterprises with ICT security documentation: reviewed more than 24 months ago (2)	11,03
G.5 % of enterprises with a security incident	5,2
G.5.A % of enterprises by type of incident: ICT services unavailable due to hardware or software failure (3)	73,98
G.5.B % of enterprises by type of incident: ICT services not available due to external attack (3)	25,07
G.5.C % of enterprises by type of incident: Destruction or corruption of data due to hardware or software failure  (3)	37,54
G.5.D % of enterprises by type of incident: Destruction or corruption of data due to external attack(3)	23,38
G.5.E % of enterprises by type of incident: Disclosure of confidential data due to external intrusions (3)	10,55
G.5.F % of enterprises by type of incident: Disclosure of confidential data due the employees themselves (3)	7,52
G.6.A % of enterprises whose ICT security is handled by the employees themselves	25,02
G.6.B % of enterprises whose ICT security is handled by external providers	26,56
G.7 % of enterprises that have insurance against ICT security incidents	5,68