Using the security system development lifecycle secSDLC, identify secSDLC phases and describe common steps for each phase

Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: WHITMAN, Michael.
Chapter 6: Risk Management: Assessing Risk
Section: Chapter Questions
Problem 1E
Question

Having policies in place can mitigate the risk of physical security breaches

C-suites and SBOs (Small Business Owners) indicated external threats from vendors or contractors (25% C-suites; 18% SBOs) and physical loss or theft of sensitive information (22% C-suites, 19% SBOs) are the top information security threats facing their business.
Yet, the number of organizations with a known and understood policy for storing and disposing of confidential paper documents adhered to by all employees has declined 13% for C-suites (73% in 2019 to 60% in 2020) and 11% for SBOs (57% in 2019 to 46% in 2020).
In addition, 49% of SBOs have no policy in place for disposing of confidential information on end-of-life electronic devices.
While the work-from-home trend has risen over the years, the COVID-19 pandemic abruptly launched employees into work-from-home status, many without supporting policies.
77% of C-suites and 53% of SBOs had employees who regularly or periodically work off-site. Despite this trend, 53% of C-suites and 41% of SBOs have remote work policies in place that are strictly adhered to by employees working remotely (down 18% from 71% in 2019 for C-suites; down 8% from 49% in 2019 for SBOs).
“As we adjust to our new normal in the workplace, or at home, it’s crucial that policies are adapted to align with these changes and protect sensitive information,” said Cindy Miller, president and CEO, Stericycle.
“As information security threats grow, it’s more important than ever that we help businesses and communities protect valuable documents and data from the risks of an information breach.”

5.2 The C-suites and SBOs (Small Business Owners) are planning to build a security system to identify and prevent malicious attacks posing a risk to physical loss or theft of sensitive information. Using the security system development lifecycle secSDLC, identify secSDLC phases and describe common steps for each phase.
