According to newly released research from Swimlane, only 29% of all organizations say their compliance programs consistently meet internal and external standards. The report, "GRC Chaos: The High Price of Audits and Non-Compliance," reveals that fragmented workflows, manual evidence gathering and poor collaboration between security and governance, risk and compliance (GRC) teams are leaving organizations vulnerable to audit failures, regulatory penalties and security gaps.
To better understand how cybersecurity teams are managing the growing complexity and demands of regulatory requirements, Swimlane surveyed 500 IT and security decision-makers across the United States and the United Kingdom. The findings indicate a clear need for streamlined workflows, stronger cross-team alignment and intelligent automation to bring order to the chaos - restoring the confidence of management and the board in compliance readiness.
"The burden of compliance weighs heavy on security and GRC teams, and
the pain is growing faster than teams can adapt," said Michael Lyborg,
CISO at Swimlane. "Regulations are shifting, expectations are rising,
and yet most organizations still rely on processes that were never
designed for this level of complexity. Until now, everything has been
massive spreadsheets. Without better coordination and smarter workflows,
even well-intentioned programs will fall short."
Key Takeaways
- The Compliance Burden Is Getting Heavier: 96% of
organizations say it's challenging to keep up with the growing number of
industry regulations, and only 29% report that their compliance
programs consistently meet internal and external standards.
- Fragmented Tools, Fractured Processes: 92% of
respondents rely on three or more tools to gather audit evidence, often
resulting in duplicated effort and disjointed workflows. On average,
just 39% of the audit evidence process is automated.
- Manual Work Is Costing Time - and Accuracy: Over
half of organizations (54%) spend more than five hours each week on
manual compliance tasks. Unsurprisingly, 62% say their audit
evidence-gathering process is at least occasionally error-prone.
- GRC and Security Don't Speak the Same Language: 90%
of organizations are concerned that poor collaboration between GRC and
security teams is undermining audit preparation. Differing priorities,
unclear roles and communication breakdowns are major barriers to
alignment.
- What's at Stake When Compliance Fails: Organizations
cited financial penalties (39%), security breaches (36%), and
reputational damage (36%) as the top risks of poor compliance
management.
"Audit readiness is harder than it should be," said Jack Rumsey, Head
of GRC at Swimlane. "Teams are wasting time chasing evidence,
interpreting requirements in isolation and stitching together data
across disconnected systems. This report highlights just how
unsustainable that model has become - and why it's time to rethink how
to manage compliance from the ground up."