New report highlights management of compliance programmes in the US
rata , a continuous security and continuous
D compliance automation platform , has announced the results of its inaugural 2023 Compliance Trends Report , highlighting common pain points , objectives and opportunities with security and IT compliance programmes . The report surveyed 300 IT and security professionals in fastgrowing organisations across the US .
From the American Institute of CPA ’ s SOC 2 framework to ISO 27001 certification established by the International Organization for Standardization , or the European Union ’ s GDPR law , requirements for data protection are quickly becoming normalised , calling for companies of all industries to continuously manage effective compliance programmes .
According to the 2023 Compliance Trends Report , 87 % of respondents have faced consequences as a result of not having continuous compliance , including slowed sales cycles , security breaches , business interruption , loss of a business relationship , a damaged reputation , or fines . With limited staff as a leading challenge in maintaining compliance , the majority of survey respondents cite that increasing budgets and automating processes would improve their abilities .
“ It ’ s clear to see that most IT and InfoSec professionals understand the importance and value of their compliance programmes ,” said Adam Markowitz , Drata Co-founder and CEO . “ But without proper budgeting and automation , they , unfortunately , feel stuck in the manual management of those programmes and that ’ s where long-term issues arise and where growth is ultimately prohibited .”
IBM report reveals vulnerable UK energy system among top targets for cybercriminals
BM Security has released its 2023 X-Force Threat
Intelligence Index , which revealed that the UK ’ s energy industry was among the primary targets for cyberattacks for the second consecutive year , seeing 16 % of all attacks . The UK was the top-attacked country in Europe , accounting for 43 % of the attacks X-Force observed , followed by Germany ( 14 %), Portugal ( 9 %), Italy ( 8 %) and France ( 7 %).
Backdoor deployments – malware that provides remote access – were the most common attacker action observed in the UK in 2022 , comprising 18 % of cases . Gaining backdoor access often precedes ransomware attacks , Distributed Denial of Service ( DDoS ) attacks and deployment of remote access tools , which were each involved in 14 % of UK incidents .
With rising energy bills a key factor in the squeeze on UK consumer finances , the report highlights the threat of further pressure on an already vulnerable energy sector and the potential for data breach costs to trickle down to consumers through price rises . As many UK businesses strive to carefully manage costs , there is heightened risk of cybersecurity investment falling and vulnerabilities proliferating .
The most common impact from cyberattacks in 2022 was extortion , which was primarily achieved through ransomware or Business Email Compromise ( BEC ) attacks . With threat actors often seeking to exploit geopolitical tensions , the report found that Europe was the most targeted region for extortion in 2022 . More than half of the cases X-Force observed in the UK involved extortion ( 57 %) – twice the global average – followed by data theft ( 29 %).
12 www . intelligentciso . com