Security News > 2020 > September > GRC teams have a number of challenges meeting regulatory demands

If GRC leaders don't have confidence in the accuracy and timeliness of security data provided to regulators, then the same holds true for the confidence in their own ability to understand and combat cyber risks.

92% of senior risk and compliance professionals believe it would be valuable to have quantitative security controls assurance reporting and 93.5% believe it's important to automate security risk and compliance reporting.

Only 11% state that their risk and compliance reporting is currently automated end to end.

"The challenge is being exacerbated by new risks introduced by IoT sensors and endpoints, which rarely consider security a core requirement and therefore introduce greater risk and increase the importance of controls and mitigations to address them."

"GRC leaders can enhance their confidence to accurately and quickly meet stakeholder needs by implementing Continuous Controls Monitoring, an emerging category of security and risk, which has just been recognised in the 2020 Gartner Risk Management Hype Cycle."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/lain9JjEMyg/