intellisecure logo.png
Source: InteliSecure

InteliSecure Releases 2018 State of Critical Data Protection Report Revealing Significant Gaps in Cybersecurity Expertise, Execution

Findings based on groundbreaking benchmark survey of 318 executives and cybersecurity professionals in the United States, Canada, and the United Kingdom

DENVER, Nov. 15, 2018 (GLOBE NEWSWIRE) -- Critical data assets remain highly vulnerable due to significant gaps in cybersecurity expertise and execution, according to the 2018 State of Critical Data Protection Report findings released today by InteliSecure.

Report findings were based on a groundbreaking benchmark survey of 318 executives and cybersecurity professionals in the United States, Canada and the United Kingdom conducted in mid 2018. Survey participants received a score on how well their organizations are managing the protection of critical data assets in three key categories:

  • Identifying, organizing and directing the security of critical data assets
  • Developing, applying and enforcing policies to protect critical data assets
  • Implementing technical controls to safeguard critical data assets

Key finding: While 75 percent of board directors are now holding C-Level executives (33% CEOs, 42% CIOs) accountable for protecting critical data assets, the Critical Data Protection benchmark survey reveals significant gaps in expertise and execution for most organizations.

Takeaway #1

Most organizations focus on compliance at the expense of protecting Intellectual Property (IP) and competitive advantages when identifying and securing data assets critical to their organizations. Simply put: Without first identifying IP and competitive advantages specific to your organization, you cannot properly protect your most critical data assets.

Takeaway #2

While most organizations recognize the importance of establishing a cybersecurity governance group, many face a lack of cybersecurity expertise among governance group members. This highlights a cybersecurity skills gap that many organizations appear to be addressing through the use of outside services. Other organizations fail to give adequate decision-making authority for implementing security controls to their governance groups.

Takeaway #3

Most organizations have policies in place for how information can be shared, but many still do not define how data should be protected. Based on survey responses, most companies are not confident their data protection policies are very effective in securing their critical data assets.

Takeaway #4

Even though 90 percent of organizations surveyed have policies that define how sensitive data should be stored and protected on employee systems, they do not have a programmatic approach to maintaining those policies. Companies have similar challenges around incident response procedures that relate to mishandled critical data. Cybersecurity policy refinement and enforcement must be an ongoing business activity rather than a periodic problem to manage.

Takeaway #5

It appears that most organizations surveyed feel they are doing a good job at implementing technical controls to protect their critical data. However, technical spend alone cannot compensate for weaknesses in critical data asset identification and policy enforcement.


InteliSecure CEO Steven Drew: “While threats to organizations continue to grow in scale, sophistication and frequency, it’s clear the cybersecurity industry skills shortage is failing most organizations, particularly those who choose to go-it-alone. Our Critical Data Protection benchmark survey shows organizations how effectively they are identifying and securing their most critical data assets in an age of unprecedented and cyber attacks that continue to compromise corporate profits and reputation.”

InteliSecure CTO Jeremy Wittkop: “We are glad but not surprised to see more board directors holding CEOs and CIOs accountable, but more work needs to be done to actually protect the assets that matter the most. While spending on endpoint security technologies continues to surpass unprecedented levels, the gap between the forces of good and evil continues to grow, our survey results reveal why.”

To access the complete 2018 Critical Data Protection benchmark survey report, including survey scoring methodology and respondent demographics visit:

To take the Critical Data Protection benchmark survey visit: and follow on Twitter @CDP_Survey.  

In September, leading research firm Forrester cited InteliSecure as a Strong Performer in its Forrester Wave™: Emerging Managed Security Services Providers (MSSPs) Q3 2018. InteliSecure empowers its clients to identify, prioritize and protect their most critical data assets by aligning a vendor-neutral, business-centric approach with its comprehensive suite of design, validation and managed security services. InteliSecure’s scalable solutions and services are focused on realizing business outcomes and mitigating risk based on client need.

About InteliSecure

Operating 24/7 Security Operations Centers in Denver and London, InteliSecure protects over 500 enterprise clients and nearly two million users globally, with services tailored to protect critical data from increasingly sophisticated cybersecurity threats. InteliSecure’s offerings include its flagship Critical Data Protection Program, specialized managed security services, penetration testing, security assessment, and professional services. InteliSecure has ranked on the Inc. 5000 list of Fastest Growing Companies in North America for the past five consecutive years; has consistently ranked within the top 10 fastest growing businesses on the Denver Business Journal’s Fast 50; and in 2016, was named a Gartner Cool Vendor in Communications Service Provider Security Solutions.

Learn more about InteliSecure at and @InteliSecure.

A photo accompanying this announcement is available at

Media Contact:
Jim Engineer