The State of Information Security 2003 Survey Methodology

“The State of Information Security 2003,” a worldwide study by CIO magazine and PricewaterhouseCoopers, was conducted online from April 15 through July 7, 2003. Readers of CIO, CSO magazine (a sister publication to CIO) and clients of PricewaterhouseCoopers from around the globe were invited via e-mail to take the survey. The results are based on the responses of 7,596 CEOs, CFOs, CIOs, CSOs, and vice presidents and directors of IT and information security from 54 countries. The margin of error is 1.1 percent.

The study represents a broad range of industries, including computer-related (14 percent), government (9 percent), consulting and professional services (8 percent), financial services and banking (8 percent), noncomputer manufacturing (8 percent), and education (7 percent).

One-quarter of the respondents were IT executives, while 16 percent were information security professionals. Fifteen percent of those surveyed held CEO, CFO or non-IT director titles, and 19 percent were network administrators. Twenty-one percent listed “other.”

Forty-two percent of the executives surveyed reported total annual sales of less than $100 million, while 18 percent reported sales between $100 million and $999.9 million. Twenty percent of the survey base said their organizations’ annual sales exceeded $1 billion, and 20 percent were nonprofit organizations and therefore did not report annual sales.

When asked about company size, 28 percent said their organizations had less than 100 employees, and 31 percent had between 100 and 1,000 employees. Nineteen percent of the survey respondents reported between 1,000 and 5,000 employees, and 21 percent had more than 5,000 employees. (Numbers may not add up to 100 percent due to rounding.)

-Lorraine Cosgrove Ware