A large number of global companies think they have an effective information security strategy in place and are proactively executing their security plans, according to a new survey by consulting firm PricewaterhouseCoopers LLP (PwC). But a relatively small percentage of the organizations surveyed (13%) are what the firm calls true information security "leaders." The PwC 2012 Global State of Information Security Survey, in which more than 9,600 business and IT executives worldwide were surveyed online between February and April 2011, finds that companies are actively investing in information security, driven by a quickly evolving and dangerous landscape of cyber threats, according to PwC. "The face of cyber threats has rapidly evolved from curious college kids taking their hand at hacking to an enormous global ecosystem of cyber-crime," says Mark Lobel, principal at PwC and co-author of the study. "Companies need a comprehensive approach to security--technology, education and awareness--and a very small number have truly mastered all three."