Almost all (94.2% of CISOs) believe that continuous controls monitoring will improve both compliance and security.

38.3% of CISOs cited cost as a challenge in implementing new or updated compliance frameworks.

53.7% of CISOs pointed to skilled staff as a major challenge in implementing new or updated compliance frameworks.

54.2% of respondents to the CISO Society survey feel that they have the talent to meet future regulatory requirements.

Research shows over 210 million compromised passwords.

Roughly half of CISOs (47.9%) cited evidence gathering as one of their greatest challenges in implementing new or updated compliance frameworks.

Only a fifth (20.5% of CISOs) said they have very little duplication in their compliance efforts.

Roughly one-sixth (15.8% of CISOs) endure quite a bit of duplication and 37.4% have some duplication in their compliance efforts.

78% of UK senior security decision makers reallocated budget from other business areas to meet DORA compliance requirements.

48% of UK senior security decision makers reallocated staff members from other projects.

66% of UK CISOs and senior security decision-makers believe that DORA will significantly increase cybersecurity costs in the long term.

Only 5% of CISOs consider their organisation's compliance program to be optimised for efficiency and continuous improvement.

30.3% of CISOs are challenged by control mapping in satisfying regulatory requirements.

Nearly 22% of CISOs said they haven’t looked at GRC tools yet.

Nearly one-third (33.2% of organisations) have incorporated automation without GenAI tools.

Approximately four out of five (79.8% of CISOs) believe that a reduction in manual processing is the biggest opportunity to add automation to their compliance and risk management program.

Just 16.3% of CISOs said they experienced cost savings when using technology to enhance their compliance program.

A staggering 80% of CISOs admit to unnecessary duplication in their compliance efforts.

Almost one in ten (9.6% of CISOs) said their relationship between compliance and security is in a period of complex negotiations while 8.5% said their relationship is out of sync.

The most commonly compromised password was "123456", being found in over 1.4 million breached credentials.