From CSOonline.com The Global State of Information Security 2006 Some things are getting better—slowly—but security practices are still immature and, in some cases, they’re regressing The Executive Summary By Allan Holmes When it comes to information security, the reflection you see in your morning mirror is probably not that of a sharp, confident, professional IT executive. Rather, that man in the mirror is more likely to look like a gangly, awkward, not-yet-to-be-fully-trusted teenager. That’s what “The Global State of Information Security 2006” survey tells us. In its fourth edition, this largest-of-its-kind survey reveals that global information executives, still relatively new to security’s disciplines, are learning and improving but are still prone to risky behaviors—behaviors that could have devastating consequences. The study by CSO, CIO and PricewaterhouseCoopers (PwC), with 7,791 respondents in 50 countries, indicates that an increasing number of executives (CEOs, CFOs, CIOs, CSOs, and vice presidents and directors of IT and information security) across all industries and in private- and public-sector organizations continue to make incremental improvements in deploying information security policies and technologies, although the rate of improvement is slower than in previous years.