Report: Compliance and information security - How are they related?
Download a report (PDF)
What is the connection between security and compliance? This was the starting point of Advisera when we decided to carry out the survey in June 2019. The goal was to research answers in detail and get insight into what could help organizations assess their own state on handling compliance and information security. This summary presents answers from 605 respondents, coming from countries in five continents, from various industries, acting mostly in IT and security positions. Download the report with the results, analysis, and the following main findings:
- Most respondents see security and compliance as something very tightly related.
- The main difference between security and compliance seems to be the goal of satisfying the auditors/third parties.
- The respondents place human factors and organizational factors as more important than technical safeguards as the cause of breaches.
- Being compliant with laws and regulations is not a guarantee against data breaches.