Study: It Pays to be in Compliance with Information Security Standards and Regulations

It is a lot more work to play catch-up-on-security every 3 – 6 months than to implement security and live by it every day.

What is the business value for an organization to become and remain compliant?

A new study conducted by the Ponemon Institute and sponsored by security solutions provider Tripwire provides some pretty enlightening – if not surprising – answers. The study, a review of security investments made over a 12-month period at 46 global companies, found that organizations that regularly review and maintain compliance with leading industry security standards and regulations spend about three times less annually than organizations that fall out of compliance. Most compliant organizations spend an average of $3.5 million annually on security while non-compliant organizations spend an average of $9.4 million.

[…]

“For those who do not do internal audits, the total cost of compliance is higher. They are likely doing manual work to get to ‘check-box’ compliance… They are doing the bare minimum and, when the external audit is over, they are back to business as usual and their systems are no longer in a compliance state, which makes them just as vulnerable as they were before the audit, so the cost of compliance is high”, Shenoy told Infosecurity. Every company, regardless of industry, is spending money for compliance, but not all are getting secure, Shenoy says. “It was the ones that invested in security practices that were reaping the benefits – those that focused on securing the business, rather than focusing on compliance alone. It does pay to be in a constant state of compliance.”

via Study: It Pays to be in Compliance with Information Security Standards and Regulations | Sword & Shield Enterprise Security, Inc.
