Cyber Security

A-LIGN releases 2022 Compliance Benchmark Report

Additional findings highlight the opportunity to consolidate audits and improve security posture, showing 85% of respondents conducting two or more audits annually across multiple auditors.

Cybersecurity compliance and audit firm, A-LIGN, officially released its 2022 Compliance Benchmark Report today, highlighting the concern over increased threat of ransomware attacks and the need for organizations to adopt a more streamlined approach to their compliance requirements. The 2022 Compliance Benchmark Survey was conducted from November 2021 through January 4, 2022, with all 732 survey respondents comprised entirely of IT, security and compliance professionals.

“This year’s Benchmark Report brings the organizational compliance mandate into sharp focus,” notes Patrick Sullivan, author of the report and Vice President of Customer Success at A-LIGN. “C-suite executives are placing more and more importance on the value of compliance programs to drive a growth mindset in their organizations as well as a culture of security best practices. By streamlining compliance, companies have more cycles to focus on core security issues along with a tighter handle on the critical security controls necessary to prevent ransomware and implement zero trust.”

Central to the report’s key findings is the continued increase in the centralization and automation of compliance programs. The use of some form of software during audits and assessments is up to 72% from 25% in 2021. Yet, 85% of respondents are still routinely conducting two or more audits annually with a staggering majority using multiple auditors. As companies look to continue streamlining their compliance programs, consolidation is a major theme.

Also telling were the reasons driving compliance activities. The largest number of respondents stated that they needed to show compliance due to customer requests to gain new business. Close behind, the second most common driving factor was attributed to C-level and board security compliance mandates.

2022 A-LIGN Benchmark Report Key Findings Include:

  • Organizations Bolster Cybersecurity Defenses Against Ransomware and Cyberattacks: 40% of respondents are planning to develop a ransomware preparedness plan.
  • Zero Trust Grabs the Spotlight as an Essential Cybersecurity Strategy: Over half of respondents (58%) agree/strongly agree that zero trust is a strategy they must implement in the next 12 months.
  • Companies are Wasting Time and Money by Not Consolidating Audits: Only 15% of organizations practice audit consolidation. 85% conduct two or more audits annually. 65% use two or more auditors.
  • Proactive Compliance Management Creates Value and Earns New Business: 22% of respondents said they lost a new business deal due to a missing compliance certification.
  • Explosive Adoption of Audit Software Used to Assist Compliance Efforts: 72% of organizations are using some form of software during their audits and assessments, up from 25% last year.

Since organizations are implementing more (and more complicated) compliance programs and are worried about ransomware, proper planning is the theme of this year’s best practice takeaways.

  • Develop a Ransomware Preparedness Plan: Ransomware isn’t going away anytime soon, and attacks will likely become much more prevalent throughout the course of this year. The best way to brace for — and mitigate — the impact of a ransomware attack is to have a comprehensive plan in place.
  • Create a Master Audit Plan: Organizations’ greatest compliance challenges are all found to be related to a lack of strategic alignment in their compliance programs. A Master Audit Plan (MAP) provides a simple yet powerful way for companies to design an audit strategy that provides greater visibility into the efforts required from each team or department, what is needed for each audit, and which pieces of evidence can be repurposed.
  • Move from Tactical to Strategic Compliance: For compliance to realize its full potential, companies must embrace a mindset in which the compliance function is part of the organization’s strategic and leadership big picture.

The report is split into seven industry segments, covering a comprehensive range of industry topics from compliance budget projections to planning for ransomware, each with tailored compliance insights from a variety of perspectives. For more details and a comprehensive analysis of the research, download the 2022 Compliance Benchmark Report.

For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybersecurity, go to AI-Techpark.com.

Related posts

CrowdStrike and Ignition Technology to address UK cybersecurity demand

Business Wire

TrapX Security Hires Steve Preston as Vice President of Marketing

Business Wire

Axonius Closes $200 Million Series E at $2.6 Billion Valuation

Business Wire