PUBLISHER: IDC | PRODUCT CODE: 1577766
PUBLISHER: IDC | PRODUCT CODE: 1577766
This IDC Perspective details continuous compliance management to increase resilience to cyberattack. Cybersecurity compliance is often an underrated or "do at the last minute" or "because we have to" activity, but it is necessary and can be a powerful protection capability for organizations. Traditional methods of compliance are manual, time-consuming, and labor intensive and cover only portions of the overall IT estate where compliance is managed. However, this also leaves other portions of the IT estate noncompliant. IT estates exist in one of three states of compliance - general level of compliance, habitually noncompliant, and/or naturally noncompliant. In addition, the higher the level of compliance to cybersecurity policies and regulations, the higher the level of resilience to cybersecurity attacks an organization has. Conversely, the lower the level of compliance, the lower the level of resilience to cybersecurity attacks."Continuous compliance management is the most overlooked low-hanging fruit in the cybersecurity space today. There are new technologies that aid considerably in automating and orchestrating cybersecurity compliance continuously," says Philip Harris, research director, Governance, Risk, and Compliance Services at IDC. "Organizations that implement continuous compliance management will - in effect - significantly reduce the likelihood of successful cyberattacks, thereby dramatically increasing resilience."