When security and compliance have a unified strategy and vision, every department and employee within the organization benefits, as does the business customer
BOULDER, Colo., June 21, 2022 /PRNewswire-PRWeb/ -- Enterprise Management Associates (EMA™), a leading IT and data management research and consulting firm, today announced the release of a new research report titled "Using Compliance Budget to Advance Security Priorities," authored by Christopher Steffen, CISSP, CISA, managing research director of security and risk management at EMA.
Organizations continue to prioritize security and security spending, but that spending is often at odds with a more pressing business priority: regulatory compliance. Regardless of the industry vertical, all businesses are required to deal with a certain amount of regulatory compliance or vendor due diligence.
Armed with regulatory frameworks and controls, the IT compliance team holds the organization accountable for security claims with demonstratable proof of protection and adherence to security and technology best practices. This accountability can cause friction between the information security team and the compliance team in an organization, but it doesn't have to be that way. This survey shows that the attitudes of these teams is starting to shift and synchronize for the betterment of the company. As organizations continue to spend budget and resources on information security and compliance, aligned priorities on how best to spend those dollars is critical, and appears to be happening.
"Security and compliance are undeniably linked, not only in how the business defines spending in these areas, but also when setting the priorities of each," said Steffen. "When security and compliance are aligned, both are stronger and the business significantly benefits."
Based on 204 survey responses from technology and business leaders in North America, representing organizations from more than ten different industry verticals, this new research examines:
- How companies are prioritizing information security and compliance priorities, including which leaders control information security spending
- How compliance-related priorities have shifted the overall security strategy of the organization, and the solutions and tools on which organizations are focusing their technology spending.
- How data security/privacy-related regulations have influenced the direction of security priorities as more companies and governments enact data privacy controls.
Some of the key findings from the report include:
- 25% of respondents stated that information security projects are dependent on compliance projects
- 40% of organizations have postponed security projects to address regulatory compliance concerns
- 76% of respondents said that compliance has completely or significantly shifted their security strategy
- 68% of respondents believe their regulatory compliance programs are a competitive differentiator
This independent security research report was sponsored by Baffle, Cerberus Sentinel, and Sumo Logic.
A detailed analysis of the research findings is available in the report, "Using Compliance Budget to Advance Security Priorities."
About EMA
Founded in 1996, EMA is a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies. EMA analysts leverage a unique combination of practical experience, insight into industry best practices, and in-depth knowledge of current and planned vendor solutions to help their clients achieve their goals. Learn more about EMA research, analysis, and consulting services for enterprise line of business users, IT professionals, and IT vendors at https://www.enterprisemanagement.com
Media Contact
Raleigh Gould, Enterprise Management Associates, 303-543-9500, [email protected]
SOURCE Enterprise Management Associates
Share this article