68% of Organisations do not encrypting sensitive data, despite the fact that access to this capability is now widely available. Over 55% of organisations have URL filtering systems in place at a mature level, only 22% have protection against zero day malware. 51% have either limited or no capability to inspect SSL/TLS encrypted web traffic entering or leaving their network so are missing opportunities to reduce the likelihood of malware entering their networks via users web browsers. 85% of those assessed were found to maintain segmented networks a long standing rule of network design best practice.”]