Forty-seven percent of IT security professionals believe that security audit costs will increase in 2010, according to a recent survey by Ncircle, a provider of automated security and compliance auditing solutions. The online survey of over 250 security professionals was conducted between February 4 and March 12, 2010, and covered a range of security topics including smartphones, healthcare, cloud computing and social media.
Key findings include:
- 45 percent of respondents anticipate no change in 2010 security audit costs
- 8 percent expect a decrease in security audit costs in 2010
- 45 percent experienced increased security audit costs and only 6 percent saw a decrease from 2008 to 2009
- 83 percent of respondents report they are effectively identifying security and compliance issues prior to an audit
“The increasing complexity of regulatory requirements continues to be a key cost driver for many companies’ compliance initiatives”, said Elizabeth Ireland, VP of Strategy, Ncircle. “It is interesting to note that, while a significant percentage of companies believe they are identifying security and compliance issues prior to beginning an audit, organizations are not yet realizing the cost savings that can come from process maturity.”
Ireland continues: “Unless companies have a strategy that automates the continuous monitoring required for various regulations and can report on it to suit the requirements of a specific audit, the process remains very resource intensive and costly. There is definitely an opportunity for cost reduction here for the majority of organizations.” (Source: Ncircle Network Security, Inc./GST)