The Watershed Moment for Compliance Budgets: A Preview of My New Whitepaper, ‘Using Compliance Budget to Advance Security Priorities’

By: Baan Alsinawi, Managing Director, CISO Global, Inc.

• The C-suite wants answers: With “ransomware attacks every 11 seconds” and “cybercrime costs … predicted to be as high as $10.5 trillion USD by 2025,” executives and managers are taking cybercrime seriously. We’ll touch on what the EMA report does with these statistics, the significance of these leaders’ responses, and more.
• They get it — compliance matters: After struggling to accept regulatory mandates for years, corporate stakeholders are starting to see the wisdom of following regulatory frameworks, demonstrating implementation, and embracing best practices. We’ll review exactly what’s shifted due to compliance-related priorities and identify three specific themes that recurred throughout the survey.
• Priorities are in lockstep: We’ll review some data that underscores why it’s important that 89% of respondents said their compliance and security priorities aligned, what respondents singled out as the top challenges for information security and audit/compliance, and the trend we can expect to continue as Congress considers new privacy legislation.
• The tail wags the dog: Do business goals drive changes in information security strategies? Respondents seemed to think so. We’ll look at what I suspect are the real reasons why businesses pay attention to cybersecurity, what most ignore to protect their bottom line, and what might force them to stop treating cybersecurity like an afterthought. 
• An attitude adjustment is in order: With respondents citing culture, organizational silos, and a lack of interorganizational cooperation and executive management buy-in among their security challenges, we’ll uncover exactly which coveted resource no organization — if they’re lucky enough to have it — should ever let go of.
• Budgets vary wildly: How much did the respondents put toward IT, information security, and audit/compliance budgets? We’ll take a look at what’s covered in the report, including what the 75% who indicated a recent spending increase said they’d spent the most on. We’ll also talk about how long one can expect a damaged brand’s reputation recovery to take.
• There’s a sense of hope: Following the note that “89% of the respondents said their information security and IT compliance priorities were generally aligned,” we’ll discuss the positive thing this says about the attitudes of IT leaders, the bad thing this will reduce, and the good thing this will strengthen.
• There’s a lot of work to do: While “around 40% [of respondents] indicated they were willing to make a significant investment in risk management solutions/services,” most respondents reported a need to improve their cybersecurity culture, understanding of cyber impacts, and more. We’ll reveal the budget line item you should never skip, the features your solutions and professionals must have, and the kind of monitoring you need to implement.

Ready to get all these insights and more? Download the whitepaper now. 

Looking to improve your security posture? Contact CISO Global today.