nCircle 2012 Government Cyber Security Survey
"Over 65% of respondents - a very strong majority - believe the private sector does not need cyber security regulation. They know being compliant does not mean your network is secure. IT pros realize effective security regulations are very difficult to craft and must be adequately enforced to improve security across the board. There is growing acknowledgment of the importance of effective cyber security but our regulatory track record does not create a compelling case for the efficacy of regulation."
"Tax records, health information, social security data—the public sector is responsible for an enormous amount personally identifiable information (PII) that's extremely lucrative for cyber criminals. An overwhelming majority of security professionals believe government organizations responsible for this data are not effectively keeping it secure."
"Given the constant media coverage on the increasing number of security threats, it's not surprising that respondents feel that security investments are not sufficient for the risk environment. These results vividly point out that a significant majority of security professionals, the people that deal with security challenges day- in and day-out, believe current security investments are not enough."