Audit

Enterprises are grappling with an increasing compliance burden, subject to multiple frameworks and more regulatory mandates that stretch resources and drive-up costs.

Misconfigurations can further complicate things, often leading to non-compliance and regulatory penalties. Plus time-consuming tasks like auditing, reporting, and system remediation are prone to human error.

New research shows that only 29 percent of all organizations say their compliance programs consistently meet internal and external standards.

The report from Swimlane reveals that fragmented workflows, manual evidence gathering and poor collaboration between security and governance, risk and compliance (GRC) teams are leaving organizations vulnerable to audit failures, regulatory penalties and security gaps.

Around half of organizations have experienced a significant increase in their audit budget expenditures due to poor IT asset inventory data.

Research carried out by YouGov for Oomnitza shows 56 percent of companies report that the data accuracy of their configuration management database (CMDB) is only 85 percent or less with insufficient levels of process automation.

With cyber criminals deploying increasingly sophisticated methods of attack organizations must go the extra mile to protect their data and avoid costly financial and reputational damage. With new threats emerging each day, these risks cannot be taken lightly. This is particularly true for corporate legal teams and law firms who are prime targets for cyber attackers given the amount of sensitive client information that they hold.

According to IBM’s Cost of a Data Breach 2022, the average consolidated total cost of a data breach in the UK is £3.36 million, up from £2.37 million in 2015. Given the financial and reputational damage a data breach can cause, legal teams and law firms cannot treat cyber security as a tick box exercise. However, there is a tendency to fall into a key myth of cyber security: "We are doing fine as long as we pass our annual security audit."