Compliance budgets frozen

Nearly half of businesses have static compliance budgets and rely on labour-intensive manual processes, despite 72% of organisations now viewing compliance as a priority.

  • 9 years ago Posted in
72% of businesses view regulatory compliance as a high priority, but despite this more than half (53%) have cut or frozen their budgets for compliance and risk management, according to a new survey conducted by SureCloud
 
With IT departments facing increasing data protection requirements and with limited resources, more than a quarter (27%) said that they had experienced a security incident leading to a data breach in the past year.  Nearly 10% admitted that they did not know what all of their business compliance requirements were.
 
The survey of 130 UK IT and infosecurity professionals found that 61% of organisations use manual, spreadsheet based processes for risk management, or have no process of any kind in place.  65% also reported that their organisation relied on manual processes for handling compliance processes, or have no formal process in place.  A quarter of respondents admitted that their organisation did not conduct annual risk assessments.
 
SureCloud CEO Richard Hibbert commented: “Business compliance requirements are growing, and it is becoming progressively more challenging for organisations to have an overview of their risk and compliance status across the business – especially when they are relying on manual, paper-based processes to do so.  With IT departments seeing their compliance budgets cut in real terms, businesses run the risk of falling short of compliance standards, incurring penalties and even suffering data loss incidents.”
 
The compliance regulations that organisations identified as having to meet included ISO 27000 (49%), PCI DSS (39%), and a range of other quality management, business continuity and risk management standards, highlighting the complexity and breadth of requirements business are attempting to meet.
 
“Automating processes makes it easier for companies to get a clear view of their compliance and risk profile from a business perspective, helping to minimise their exposure to risks while saving IT teams both time and costs,” added Hibbert, “This quickly realises key strategic and operational benefits, and provides a solid foundation for future business planning.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...