Survey Finds Compliance Activities and Fines Cost Organizations Nearly $4M per Year
Telos® Corporation, a leading provider of cyber, cloud and enterprise security solutions for the world’s most security-conscious organizations, today unveiled new findings from a survey conducted by independent research firm Vanson Bourne that highlights organizations’ ongoing struggle to keep up with IT security and privacy compliance regulations. The survey, which polled 300 IT security professionals in July and August 2020, revealed that, on average, organizations must comply with 13 different IT security and/or privacy regulations and spend $3.5M annually on compliance activities, with compliance audits consuming 58 working days each quarter.
As more regulations come into existence and more organizations migrate their critical systems, applications and infrastructure to the cloud, the risk of non-compliance and associated impact increases. Key findings from the survey include:
IT security professionals report receiving an average of over 17 audit evidence requests each quarter and spend an average of three working days responding to a single request
Over the last 24 months, organizations have been found non-compliant an average of six times by both internal and third-party auditors, resulting in an average of eight fines, costing an average of $460,000
Nearly nine in 10 organizations (86 percent) believe compliance would be an issue when moving systems, applications and infrastructure to the cloud
94 percent of organizations report they would face challenges when it comes to IT security compliance and/or privacy regulations in the cloud
“Compliance teams spend 232 working days each year responding to audit evidence requests, in addition to the millions of dollars spent on compliance activities and fines,” said Dr. Ed Amoroso, CEO of TAG Cyber, a global cyber security advisory, training, consulting, and media services company. “The bottom line is this level of financial and time commitment is unsustainable in the long run.”
“As hammer, chisel and stone gave way to clipboard, paper and pencil, it’s time for organizations to realize the days of spreadsheets for ‘checkbox compliance’ are woefully outdated,” said Steve Horvath, vice president of strategy and cloud at Telos. “Automation can solve numerous compliance challenges, as the data shows. It’s the only real way to get in front of the curve, rather than continuing to try and keep up.”
Nearly all survey respondents (99 percent) indicated their organization would benefit from automating IT security and/or privacy compliance activities, citing expected benefits such as increased accuracy of evidence (54 percent), reduced time spent being audited (51 percent) and the ability to respond to audit evidence requests more quickly (50 percent).
For additional findings and to download the full report, visit: www.telos.com/reserved/audit-fatigue-report/
Telos partnered with Vanson Bourne to survey 300 security professionals from the United States. Respondents represented key sectors, including IT/technology, financial services and energy, and companies ranging from 1,000 to more than 5,000 employees and $60 million to more than $5 billion in global annual revenue.
About Telos Corporation
Telos Corporation empowers and protects the world’s most security-conscious organizations with solutions for continuous security assurance of individuals, systems, and information. Telos’ offerings include cybersecurity solutions for IT risk management and information security; cloud security solutions to protect cloud-based assets and enable continuous compliance with industry and government security standards; and enterprise security solutions to ensure that personnel can work and collaborate securely and productively. The company serves military, intelligence and civilian agencies of the federal government, allied nations and commercial organizations around the world. The company is a recipient of the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award from the Defense Security Service (DSS), awarded to less than .03% of eligible organizations. For more information, visit www.telos.com and follow the company on Twitter @TelosNews.
About Vanson Bourne
Vanson Bourne is an independent specialist in market research for the technology sector. Our reputation for robust and credible research-based analysis is founded upon rigorous research principles and our ability to seek the opinions of senior decision makers across technical and business functions, in all business sectors and all major markets. For more information, visit www.vansonbourne.com.