Security Regulations & Guidelines: Is Your Business on the Path to Compliance?
Download as PPTX, PDF1 like396 views
The document discusses the results of a survey of 460 IT professionals about security regulations and privacy guidelines at their organizations. Some key findings include: - 28% of organizations reported being hit by a data breach in the last 12 months, and data breaches are becoming more common. - Regular auditing is crucial for regulatory compliance but 17% only conduct internal audits once a year and 3% every 2-3 years. - 78% of organizations have a data governance program but more investment is needed. Budgets for regulatory compliance make up 15% or less of IT security budgets for 73% of organizations.
Security Regulations & Guidelines: Is Your Business on the Path to Compliance?
- 1. Security Regulations & Guidelines: Is Your Business on the Path to Compliance?
- 2. Data is Exploding … and Privacy Regulations & Guidelines are Expanding. We surveyed 460 IT professionals from countries around the world in various industries to see how important security regulations and privacy guidelines were at their organizations. Here are some of their answers. How does your organization stack up?
- 3. Information is Beautiful, but Data Breaches are Not • 28 percent of organizations admit they have been hit by a data breach in the last 12 months. • Data breaches are now a normal occurrence. 3
- 4. • 17 percent of this group only conduct internal audits to ensure regulatory compliance once a year. • 3 percent say they only do so every two to three years. Regular and Comprehensive Auditing is Crucial to Staying Compliant 4
- 5. Data Governance Is Gaining Favor Amidst Corporate IT Security Priorities • According to our study, 78 percent of organizations have a data governance program in place. • Data governance is something that every organization should invest in. 5
- 6. Data Security Budgets are Increasing • 73 percent of organizations allocate up to 15 percent of their IT security budgets towards regulatory compliance. • These increased budgets can lead to: improved decision-making abilities, improved risk mitigation and improved brand protection. 6
- 7. Delayed Threat Detection and Breach Notifications Open Door to Regulatory Fines 7
- 8. Delayed Threat Detection and Breach Notifications Open Door to Regulatory Fines • The upcoming EU GDPR requires organizations to notify regulatory authorities of a data breach within 72 hours. • 14 percent of the surveyed IT professionals admitted it takes between one month and two years to notify regulatory authorities • These organizations could face fines of €20 million, or 4 percent of their global turnover, whichever is greater. 8
- 9. 9 Although C-Suite Interest in Data Protection is Increasing, Visibility Proves Challenging • 76 percent of C-suite and board-level executives regularly review and assess their organizations’ compliance with state, federal and international data protection laws. • This is a step in the right direction.
- 10. However, they aren’t reviewing their organization’s plans enough. • 12 percent of C-Suite execs say they only do such reviews every one to three years. • 7 percent say they never do reviews. • 11 percent admit that they • don’t know how often reviews are done. 10
- 11. Want to see more stats and research? Download the full study at: http://bit.ly/2grGuZC 11