Main variables;Total
H.1 % of enterprises that apply some ICT security measure (0);58.70
H.1.A % of enterprises that apply strong password authentication as an ICT security measure (1);85.21
H.1.B % of enterprises that apply authentication using biometric methods as an ICT security measure (1);21.56
H.1.C % of enterprises applying authentication based on a combination of at least two authentication mechanisms as an ICT security measure (1);23.44
H.1.D % of enterprises that apply encryption of data, documents or emails as an ICT security measure (1);26.53
H.1.E % of enterprises that apply data backup in a separate location as an ICT security measure (1);72.47
H.1.F % of enterprises applying network access control as an ICT security measure (1);35.34
H.1.G % of enterprises applying VPN as an ICT security measure (1);18.25
H.1.H % of enterprises that apply an ICT security monitoring system that allows suspicious activity to be detected as an ICT security measure (1);15.21
H.1.I % of enterprises that implement log file maintenance that allows analysis after ICT security incidents as an ICT security measure (1);12.54
H.1.J % of enterprises that implement an ICT risk assessment as an ICT security measure (1);9.54
H.1.K % of enterprises that perform ICT security testing as an ICT security measure (1);11.15
H.2 % of enterprises that make their employees aware of their ICT security obligations (1);38.47
H.2.A % of enterprises offering voluntary training or providing internally available information to make their employees aware of their ICT security obligations (2);79.28
H.2.B % of enterprises that require mandatory training courses or viewing of material for their employees to make them aware of their ICT security obligations (2);34.31
H.2.C % of enterprises that contractually make their employees aware of their ICT security obligations (2);25.63
H.3 % of enterprises that have documents on ICT security measures, practices or procedures (0);8.05
H.4.A % of enterprises that defined or carried out the latest review of their documents on ICT security measures, practices or procedures in the last 12 months (3);66.04
H.4.B % of enterprises that defined or last reviewed their documents on ICT security measures, practices or procedures more than 12 months ago and up to 24 months ago (3);21.23
H.4.C % of enterprises that defined or carried out the latest review of their documents on ICT security measures, practices or procedures more than 24 months ago (3);12.73
H.5 % of enterprises that have experienced an ICT security incident (0);4.57
H.5.A % of enterprises that, after experiencing an ICT security incident, suffered a resulting lack of availability of ICT services due to hardware or software failures (4);67.04
H.5.B % of enterprises that, after experiencing an ICT security incident, suffered a resulting lack of availability of ICT services due to an attack from outside (4);18.85
H.5.C % of enterprises that, after experiencing an ICT security incident, this resulted in the destruction or corruption of data due to hardware or software failures (4);28.79
H.5.D % of enterprises that, after experiencing an ICT security incident, this resulted in the destruction or corruption of data due to malware infection or unauthorised intrusion (4);13.00
H.5.E % of enterprises that, after experiencing an ICT security incident, this resulted in the disclosure of confidential data due to intrusions, pharming, phishing or intentional actions of the employees themselves (4);8.94
H.5.F % of enterprises that, after experiencing an ICT security incident, this resulted in the disclosure of confidential data due to the involuntary actions of the employees themselves (4);5.12