RegScale
Cybersecurity reports and statistics published by RegScale
8 categories, 2 reports
Research Reports
Reports and publications from RegScale
Recent Statistics & Reports
76.1% of CISOs said integrations are most important when selecting tools/vendors to provide governance and continuous controls monitoring.
1/1/2025 • Compliance, CI/CD, Technology
13.7% of CISOs said their compliance program is a 1 (“Initial: ad-hoc”), and 23% said their program is a 2 (“Established: documented and repeatable”).
1/1/2025 • Compliance, Compliance program
Roughly two-fifths of CISOs (41.5%) cite evidence gathering as a challenge in satisfying regulatory requirements.
1/1/2025 • Compliance, Evidence Gathering, Regulatory Requirements
More than one-third of organisations (34.2%) hope to achieve their KPIs for compliance benchmarks by incentivizing success or by penalizing failure, or by implementing both incentives and penalties.
1/1/2025 • Compliance, KPIs, Incentives
25.5% of CISOs assume current GRC processes are not broken.
1/1/2025 • Compliance, Process, Standardization
30% of CISOs spend less than $100,000 annually on compliance.
1/1/2025 • Compliance, Cost, Budget
41% of CISOs said that OSCAL adoption is hindered by both a lack of usage and a difficulty in understanding its importance.
1/1/2025 • Compliance, Documentation, Process
69.7% of CISOs said cost is most important when selecting tools/vendors to provide governance and continuous controls monitoring.
1/1/2025 • Compliance, Resources, Personnel
Of the organisations that measure the operational cost of managing compliance, 10.1% track IT costs.
1/1/2025 • Compliance, Duplication, Process
40.4% of CISOs cite the lack of a centralized system as a challenge in satisfying regulatory requirements.
1/1/2025 • Compliance, Centralized System, Regulatory Requirements
50% of CISOs said that, on an annual basis, they spend more than $200,000 worth of capital and dedicated staff resources to achieve and maintain compliance across their organisation.
1/1/2025 • Compliance, Cost, Budget
46.2% of organisations said they don’t have a sufficient budget to invest in GRC tools.
1/1/2025 • Compliance, GRC Tools, Budget
Roughly 50% of CISOs expect automation to optimize compliance through a single pane of glass.
1/1/2025 • Compliance, Automation, Governance
44.2% of CISOs consider security and compliance a business enabler.
1/1/2025 • Compliance, CI/CD, Integration
Almost one-third (31.1% of CISOs) believe that their company’s resistance to change is primarily driven by financial matters.
1/1/2025 • Compliance, CI/CD, Integration
Roughly 22.6% of CISOs rate their compliance program a 4 (“Adherence: measured with metrics to support audit and risk mitigation”), but only 5.3% believe their program is a 5 (“Optimized: continuous improvement and efficiency”).
1/1/2025 • Compliance, Compliance program
Stolen credentials are involved in nearly half (44%) of all data breaches.
1/1/2025 • Compliance, Centralized System, Regulatory Requirements
Most organisations (57.9%) spend at least some of their budget on GRC tools to collect and maintain compliance evidence.
1/1/2025 • Compliance, GRC Tools, Budget
More than one-third (37.2% of CISOs) said that no platform has demonstrated its reliability for Compliance as Code.
1/1/2025 • Compliance, Metrics, Audit
26.1% of CISOs cited the rate of regulatory change as a challenge in implementing new or updated compliance frameworks.
1/1/2025 • Compliance, Regulatory, Compliance frameworks