In 2022, 34% of enterprises had internal ICT functions and ICT security, while 15% had internal ICT functions but external suppliers for ICT security. One-fifth (20%) of enterprises had external ICT functions but had internal ICT security, while 51% had external suppliers for both ICT functions and for ICT security. Please note that enterprises could select multiple categories (e.g. having both internal and external ICT functions), so the total will not add up to 100%.
In 2022, 36% of enterprises provided voluntary ICT security training, 25% had compulsory ICT security training, and 37% included ICT security training as a contractual obligation of employment.
In 2022, 14% of enterprises experienced unavailability of ICT services due to either hardware or software failure or intentional attack. Some 2% of enterprises had destruction or corruption of data due to hardware or software failure or external attack, while 1% had disclosure of confidential data either due to unintentional or intentional disclosure or attack.
Learn about our data and confidentiality safeguards, and the steps we take to produce statistics that can be trusted by all.