CISOs have no clear view of what assets their business has, or where they are kept on the network. 55 per cent have taken partial action, while 17 per cent had taken no action at all. 57 per cent said identifying risks and vulnerabilities was the top priority for the next 12 months 40 more than the next most popular choices of vetting third party suppliers and securing the cloud. 28 per cent stated that internal staff were the area they felt most vulnerable, followed closely by suppliers at 24 per cent.”]