From: Mapping the coverage of security controls in cyber insurance proposal forms
ISO control | Percentage |
---|---|
Section 6: Organization of information security | 37.50% |
Section 7: Human resource security | 34.70% |
Section 8: Asset management | 42.70% |
Section 9: Access control | 28.10% |
Section 10: Cryptography | 75% |
Section 11: Physical and environmental security | 35.40% |
Section 12: Operations management | 38.70% |
Section 13 Communications security | 14.60% |
Section 14: System acquisition, development | 6.90% |
and maintenance | Â |
Section 15: Supplier relationships | 29.20% |
Section 16: Info security incident management | 16.70% |
Section 17: Business continuity management | 50% |
Section 18: Compliance | 68.80% |