Percentage of cybersecurity FTEs eliminated/redeployed in the past 12 months attributed to AI

This measure calculates percentage of cybersecurity full-time equivalent employees (FTEs) eliminated/redeployed in the past 12 months attributed to AI. Cybersecurity is defined as the ability to protect or defend the use of cyberspace from cyber-attacks. It is the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this, including defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. Artificial Intelligence (AI) (aka cognitive solutions) is a type of information system that is trained (as opposed to programmed) to continually build knowledge, better than traditional programmable systems at understanding information, at reasoning, and capable of more natural interaction with human beings. This Supplemental Information measure is intended to help companies evaluate additional variables related to the process group "Manage IT resilience and risk".

Benchmark Data

Lock

Sorry! Not all users have access to all of our resources.

Want to unlock access to all of our resources?

Learn about Membership Arrow with stem
Measure Category:
Supplemental Information
Measure ID:
107818
Total Sample Size:
613 All Companies
Performers:
25th Median 75th
- - -
Key Performance Indicator:
Yes
Sample image showing interactive filters for more detailed measure peer group data and an interactive graph.

Compute this Measure

Units for this measure are percent.

Back to Top
Percentage of cybersecurity FTEs eliminated/redeployed in the past 12 months attributed to AI

Key Terms

Back to Top

Cybersecurity is the ability to protect or defend the use of cyberspace from cyber-attacks. It is the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this, including defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.

Artificial Intelligence refers to systems that understand, reason, learn, and interact. These systems do this by continually building knowledge and learning, understanding natural language, and reasoning and interacting more naturally with human beings than traditional programmable systems (e.g., speech, pattern recognition, decision-making, learning by experience).

Measure Scope

Back to Top

Cross Industry (7.4)

  • 8.3.1 - Develop IT compliance, risk, and security strategy (20707)
    • 8.3.1.1 - Determine and evaluate IT regulatory and audit requirements (20708)
    • 8.3.1.2 - Understand business unit risk tolerance (20940)
    • 8.3.1.3 - Establish IT risk tolerance (20709)
    • 8.3.1.4 - Establish risk ownership (20710)
    • 8.3.1.5 - Establish and maintain risk management roles (20711)
    • 8.3.1.6 - Establish compliance objectives (20712)
    • 8.3.1.7 - Identify systems to support compliance (20941)
    • 8.3.1.8 - Identify and evaluate IT risk (20713)
    • 8.3.1.9 - Evaluate IT-related risks resiliency (20714)
    • 8.3.1.10 - Create IT risk mitigation strategies and approaches (20715)
  • 8.3.2 - Develop IT resilience strategy (20716)
    • 8.3.2.1 - Determine IT delivery resiliency (20717)
    • 8.3.2.2 - Determine critical IT risks (20718)
    • 8.3.2.3 - Prioritize IT risks (20719)
    • 8.3.2.4 - Establish mitigation approaches for IT risks (20720)
  • 8.3.3 - Control IT risk, compliance, and security (20721)
    • 8.3.3.1 - Evaluate enterprise regulatory and compliance obligations (20722)
    • 8.3.3.2 - Analyze IT security threat impact (20723)
    • 8.3.3.3 - Create and maintain IT compliance requirements (20724)
    • 8.3.3.4 - Create and maintain IT security policies, standards, and procedures (20942)
    • 8.3.3.5 - Develop and deploy risk management training (20725)
    • 8.3.3.6 - Establish risk reporting capabilities and responsibilities (20726)
    • 8.3.3.7 - Establish communication standards (20727)
    • 8.3.3.8 - Conduct IT risk and threat assessments (20728)
    • 8.3.3.9 - Monitor and manage IT activity risk (20729)
    • 8.3.3.10 - Identify, supervise and monitor IT risk mitigation measures (20730)
  • 8.3.4 - Plan and manage IT continuity (20731)
    • 8.3.4.1 - Evaluate IT continuity (20732)
    • 8.3.4.2 - Identify IT continuity gaps (20733)
    • 8.3.4.3 - Manage IT business continuity (20734)
  • 8.3.5 - Develop and manage IT security, privacy, and data protection (20735)
    • 8.3.5.1 - Assess IT regulatory and confidentiality requirements and policies (20736)
    • 8.3.5.2 - Create IT security, privacy, and data protection risk governance (20737)
    • 8.3.5.3 - Define IT data security and privacy policies, standards, and procedures (20738)
    • 8.3.5.4 - Review and monitor physical and logical IT data security measures (20739)
    • 8.3.5.5 - Review and monitor application security controls (20740)
    • 8.3.5.6 - Review and monitor IT physical environment security controls (20741)
    • 8.3.5.7 - Monitor/analyze network intrusion detection data and resolve threats (20742)
  • 8.3.6 - Conduct and analyze IT compliance assessments (20743)
    • 8.3.6.1 - Conduct projects to enhance IT compliance and remediate risk (20744)
    • 8.3.6.2 - Conduct IT compliance control auditing of internal and external services (20745)
    • 8.3.6.3 - Perform IT compliance reporting (20746)
    • 8.3.6.4 - Identify and escalate IT compliance issues and remediation requirements (20747)
    • 8.3.6.5 - Support external audits and reports (20748)
  • 8.3.7 - Develop and execute IT resilience and continuity operations (20749)
    • 8.3.7.1 - Conduct IT resilience improvement projects (20750)
    • 8.3.7.2 - Develop, document, and maintain IT business continuity planning (20751)
    • 8.3.7.3 - Implement and enforce change control procedures (20752)
    • 8.3.7.4 - Execute recurring IT service provider business continuity (20753)
    • 8.3.7.5 - Provide IT resilience training (20754)
    • 8.3.7.6 - Execute recurring IT business operations continuity (20755)
  • 8.3.8 - Manage IT user identity and authorization (20756)
    • 8.3.8.1 - Support integration of identity and authorization policies (20757)
    • 8.3.8.2 - Manage IT user directory (20758)
    • 8.3.8.3 - Manage IT user authorization (20759)
    • 8.3.8.4 - Manage IT user authentication mechanisms (20760)
    • 8.3.8.5 - Audit IT user identity and authorization systems (20761)
    • 8.3.8.6 - Respond to IT information security and network breaches (20762)
    • 8.3.8.7 - Conduct penetration testing (20763)
    • 8.3.8.8 - Audit integration of user identity and authorization systems (20764)