지속적 컴플라이언스 관리가 사이버 공격에 대한 내성을 확대

This IDC Perspective details continuous compliance management to increase resilience to cyberattack. Cybersecurity compliance is often an underrated or "do at the last minute" or "because we have to" activity, but it is necessary and can be a powerful protection capability for organizations. Traditional methods of compliance are manual, time-consuming, and labor intensive and cover only portions of the overall IT estate where compliance is managed. However, this also leaves other portions of the IT estate noncompliant. IT estates exist in one of three states of compliance - general level of compliance, habitually noncompliant, and/or naturally noncompliant. In addition, the higher the level of compliance to cybersecurity policies and regulations, the higher the level of resilience to cybersecurity attacks an organization has. Conversely, the lower the level of compliance, the lower the level of resilience to cybersecurity attacks."Continuous compliance management is the most overlooked low-hanging fruit in the cybersecurity space today. There are new technologies that aid considerably in automating and orchestrating cybersecurity compliance continuously," says Philip Harris, research director, Governance, Risk, and Compliance Services at IDC. "Organizations that implement continuous compliance management will - in effect - significantly reduce the likelihood of successful cyberattacks, thereby dramatically increasing resilience."

Executive Snapshot

Situation Overview

• General Level of Compliance
• Habitual Gap of Noncompliance
• Natural Gap of Noncompliance
• Continuous Compliance Management Defined
• Traditional Compliance
• Traditional Compliance Costs and Impacts
• Continuous Compliance Management Benefits

Advice for the Technology Buyer

Learn More

• Related Research
• Synopsis