When updating your board on current measures for cybersecurity and compliance, have you found there is more or less focus on compliance compared to last year?
Much more: 19%
More: 61%
Neither (same level of focus on compliance): 16%
Less: 3%
Much less
62 PARTICIPANTS
Global CISO, 2 months ago
The main problem when the focus is on compliance requirements instead of security requirements is the fact that company leaders may fall into a "false sense of security" status. I have heard the same statement several times (in different formats, but...): "We are certified, so we are secure!" Which is not true in all cases. Compliance does not equal security. It can help to convince the management to deploy a control "because this is required by XYZ compliance scheme", but I still believe that security (risk based) should come first. And compliance should be built on it.
CISO in Banking, a month ago
The increased focus on cybersecurity and compliance over the past year is a positive trend that reflects the growing recognition of the importance of these areas. As cyber threats become more sophisticated and regulations more stringent, it is crucial for boards to prioritize these aspects to safeguard organizational integrity and trust. Enhanced attention to compliance not only helps in meeting regulatory requirements but also in building a robust security posture that can preempt potential threats. This proactive stance is essential for navigating the complex cyber landscape, ensuring resilience, and fostering a culture of continuous improvement in security practices.
Compliance requirements are like taxes. They never go down.