The APEX Cyber Security Workgroup needs your input!  We are seeking feedback on the role meeting planner’s play in data security for events.  By participating in the survey you are helping set the direction for the workgroup for the next 12 months.  Output is expected to include educational content and planning tools for data security. 

(For the purposes of this survey a “data breach” is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personally identifiable information (PII), credit card information (PCI), trade secrets or intellectual property.)
Section 1 - Demographics

Question Title

* 1. Are you a; (pick one answer)

Question Title

* 2. What business sector or industry does your organization operate in or represent?

Question Title

* 3. Do you feel that a data breach has the potential to adversely affect your organization?

Question Title

* 4. Have any of your meetings or events been adversely affected by a data breach?

Question Title

* 5. If your answer to Q4 was "Yes", to what extent?

Question Title

* 6. Has your organization deployed any policy's or process's to combat data breaches?

Question Title

* 7.

If your answer to Q6 was "Yes", what measures?

Question Title

* 8. If you are willing to share additional information with the Convention Industry Council, including data and best practice samples, please complete the information below. (Optional)

Section 2 - Planner Role in Security

Question Title

* 9. In general (not specific to meetings and events) does your organization have an information security policy?

Question Title

* 10. Specific to meetings and events, does your organization perform information security-related risk assessments?

Question Title

* 11. How confident are you in understanding your role in managing the risk associated with information technology? (Rate on the scale with 10 being the most confident)

Question Title

* 12. What is your top concern regarding your role in data security?

Question Title

* 13. How does your approach to information security and risk management change when dealing with international attendees or events?

Section 3 - Responsibility

Question Title

* 14. Rank the following entities in the order in which you think they hold a share or the responsibility in the event of a data breach from an event app. (1 being the most responsible, 6 being the least responsible)

Section 4 - Methods of Prevention

Question Title

* 15. In general, how does your organization manage access control to sensitive data? (e.g. auto expiring logins for temporary employees, audit access to systems, two step authentication, desperation of controls or processes around sensitive data)

Question Title

* 16. What steps are taken by your organization to secure attendee registration information?

Question Title

* 17. Do your meetings and events contain sensitive presentation content?

Question Title

* 18. If you answered "Yes" to Q17, what steps are taken to secure that sensitive content?

Question Title

* 19. What steps are taken by your organization to secure credit card information?

Section 5 - Miscellaneous

Question Title

* 20. What percentage of the event or meeting budget currently gets spent on data loss prevention?

Question Title

* 21. What percentage of the event or meeting budget do you think should be spent on data loss prevention?

Question Title

* 22. Do you have any best practices around data breach prevention you can share? What are they?

Question Title

* 23. As it relates to data breach prevention at meetings and events, what would you most like to understand more?

T