Compliance automation to confound cyber criminals

Sponsored Post Eminent US businessman Norman Ralph Augustine - who served as United States Under Secretary of the Army, as well as chairman and CEO of the Lockheed Martin Corporation - pointed to the importance of audit and compliance when he famously commented: "Two-thirds of the Earth's surface is covered with water. The other third is covered with auditors from headquarters."

And for companies today, the need to maintain and enhance levels of audit and compliance against the backdrop of an ever-worsening cyber security threat landscape has become more pressing than ever before.

Security breaches can happen at any time given the complexity of modern IT systems, but the threat is ramping up at an unprecedented rate. The Center for Strategic and International Studies report, The Hidden Cost of Cybercrime, warns that cybercrime incidents are now estimated to be costing the world economy in excess of $1trn annually.

Security and compliance breaches can cause operational disruption, lost revenue, customer dissatisfaction, and lead to potentially catastrophic legal or regulatory actions, according to a new white paper published by compliance automation specialist Drata. At the same time, legacy manual compliance practices struggle to keep up as key staff spend ever more time checking systems and filling in spreadsheets.

And after these labour-intensive processes, compliance officers must then map this evidence against internal policies and external compliance frameworks. Even so, by the time Augustine's auditors descend these snapshots may not turn out to be good enough.

Drata's research concludes that the answer to this problem is to ditch these legacy and inefficient manual compliance processes and replace them with automated systems that continuously and automatically monitor security controls 24-7 across all on-premises systems, cloud service providers and SaaS vendors. These systems can also automatically address minor compliance issues while generating alerts for more pressing issues that require staff intervention.

Drata argues that compliance automation can transform the audit experience "from a burden to an opportunity". This fundamental productivity shift can be achieved as automation streamlines the auditing process, while simultaneously improving compliance and security. Drata found that companies monitoring compliance manually "dread" requests for audits as they are forced to scramble to collect evidence, reconcile spreadsheets, and resolve any resulting issues.

However, with continuous monitoring and evidence collection, all the necessary compliance information is already, automatically, in one place. And certifying compliance continuously rather than at a point in time gives customers significantly more confidence in a company's ability to maintain compliance.

In a world where the danger posed by criminal and malicious cybercrime is growing year-on-year the importance of audit and compliance has never been greater. And it is these concerns that are in turn driving momentum for the mainstream adoption of compliance automation technologies.

To learn more download Drata's white paper here.

Sponsored by Drata.