Data security is a competitive advantage. How can companies give priority to information security and compliance

Business Management Association （EMA） New research conducted examines the impact of compliance budgeting on security policies and priorities . It describes the areas where the company prioritizes information security and compliance , Which leaders control information security spending , How compliance has changed the overall security strategy of the organization , And the solutions and tools that the organization focuses its technology spending on .

  Compliance priorities

The survey results cover three key areas of the organization's security and compliance status ： Information security and IT Audit and compliance , Data security and data privacy as well as security and compliance expenditures .

A key point is , Merging security and compliance priorities can address regulatory control gaps , At the same time, improve the safety of the organization . Interviewees revealed about how they deal with compliance , Views on who is responsible for compliance and safety responsibilities and the safety challenges related to compliance faced by the organization .

“ This study confirms our long-standing theory , That is, when security and compliance have a unified strategy and vision , Every department and employee in the organization will benefit , The same is true of business customers ,”EMA The managing director Christopher M. Steffen say ,“ Most organizations regard compliance and compliance related activities as “ Business costs ”, This is what they must do when doing business in some markets . More and more organizations with forward-looking thinking are looking for ways to maximize their market competitive advantage , And having a first-class data privacy plan or compliance plan is of interest to smarter customers , Especially in organizations with global influence . Compliance is no longer a “ bet ” The idea of ： In a very tight market , A comprehensive compliance plan focused on data security and privacy may be different , And it is usually the decisive factor for an organization to choose one supplier rather than another .”

Other findings ：

Companies find that they need to change their information security policies to address compliance priorities （93%）.

Information security and IT Compliance priorities are usually consistent （89%）.

The existing security tools must solve the problem of data privacy in the future （76%）.

Manage multiple of the organization IT The environment and the control measures to control these environments are IT The biggest challenge in the area of audit and compliance （39%）.

Data security and privacy

Data security and privacy are at the core of information security and compliance . According to this study , Data privacy regulations , As in the European Union 《 General data protection regulations 》 or 《 California consumer privacy act 》, Is a major consideration for business and technology leaders . In the absence of a national privacy referendum , Five states have enacted personal privacy laws . Other results include ：

The organization believes that , Implementing important data privacy programs is a competitive advantage （75%）.

Organizations use or are seeking to use compliance programs as a competitive advantage （68%）.

Respondents are looking for tools to address data privacy controls （75%）.

Companies are changing their organization's approach to information security , To address data privacy regulations （59%）.

Companies use data classification or security centric methods to protect data privacy （54%）.

Data security, tools and data encryption are the biggest security challenges they face （38%）.

Safety and compliance expenditure

Given the growing concern about maintaining compliance , The study found that , The company has invested heavily in data security and privacy tools , And it's not surprising to spend the least on single point solutions . Besides , CIO （CIO） Probably responsible for security and IT Compliance investment budget .CISO（ Security ） And the chief compliance officer （ compliance ） Have a significant impact on their respective budgets . Further insights include ：

At present, the company may make significant investments in data privacy and data loss protection （98%）.

The number of respondents increased IT, Information security and IT Compliance investment （75%）.

Most information security budgets fall between 5 Ten thousand dollars sum 500 Between ten thousand dollars （61%）, stay IT Auditing and compliance are roughly the same （58.8%）.

Future information security and security consulting （74%） as well as IT Audit and compliance （66%） Our budget will increase moderately or slightly .

“ Data responsibility is a competitive advantage . just as EMA As this study reveals , The company realizes that it is important to adjust security and compliance resources ,“Baffle CEO Ameesh Divatia say .“ The good news is that ,IT Practitioners attach great importance to compliance , This mindset is shaping their security strategies and investments . This environment is very suitable for innovation , Because these practitioners have evaluated tools to improve their security to comply with data privacy regulations . As data privacy regulations synchronize compliance with security , The work done now to manage the complexity of compliance will only benefit the organization and its business customers in the long run .

The original is translated from helpnetsecurity, Super technology translation , Please indicate the source and original text of the reprint of the cooperation site. The translator is super technology ！

Hi, I'm super technology

Super technology is an information security expert , Can defend without upper limit DDos Attack and CC attack , Alibaba cloud strategic partner ！