Doing Nothing More Costly Than Proper Security Compliance

The True Cost of Noncompliance, a Ponemon Institute and Tripwire survey of 160 business people at 46 multinational firms, shows that noncompliance cost the companies $9.4 million in fines, penalties, lost revenue and productivity, and data breaches. If the companies had invested in compliance, the cost would have been $3.5 million, according to the survey.

“Everyone is spending more money on compliance, but the ones that are getting more secure actually do reap business benefits and save the company money in the context of noncompliance costs,” explains Rekha Shenoy, vice president of strategy at Tripwire, in this article from InfoSecurity-US.com. “We thought this was really important, especially for [chief information officers, chief information security officers], and other security champions who are trying to prove to the business that investing in security is good for the company.”

The report also found that “28% of those surveyed did not conduct internal compliance audits, and only 11% conducted more than five internal audits each year.” Organizations that conducted three to five internal compliance audits each year had the lowest per capita compliance cost ($154), while those that did not conduct internal audits had the highest compliance cost ($341).

To read the article, click here:
http://www.infosecurity-us.com/view/15566/lax-compliance-costs-more-than-strict-compliance-with-security-rules/

To get the full report, click here:
http://www.tripwire.com/ponemon-cost-of-compliance/