Compliance
Cybersecurity statistics about compliance
Showing 81-100 of 296 results
12 S&P 500 companies warn that new AI-specific rules will bring heightened compliance obligations and potential enforcement actions related to compliance and enforcement.
13 S&P 500 companies warn of sensitive exposure under the General Data Protection Regulation, Health Insurance Portability and Accountability Act, and California privacy laws (CCPA/CPRA) related to privacy.
6 S&P 500 companies highlight uncertainty over how courts will treat IP claims tied to AI training data or who bears liability when autonomous AI systems cause harm due to cross-cutting legal risks.
24 S&P 500 companies highlight risks spanning copyright disputes, trade-secret theft, and contested use of third-party data for AI model training related to intellectual property.
51% of data and IT leaders would shift their AI/ML deployment strategy for better data sovereignty/compliance
The approximate annual budget contractors are investing in compliance, as budgets have grown, is nearly $50,000.
70% of financial services firms report that delays in scheduling pentests sometimes impact compliance or business timelines.
More than 80% of small healthcare practices expressed confidence in their current HIPAA compliance posture.
64% of small healthcare practices believe patient portals are required for HIPAA compliance.
20% of healthcare practices do not utilise any form of email archiving or audit trail.
98% of small healthcare organisations falsely believe they are HIPAA compliant.
"Small" violations can cost healthcare practices anywhere from $25,000 to $9.76 million per incident.
One-third of small healthcare practices report not having enough time for compliance tasks.
66% of security services providers primarily use a GRC or compliance automation platform.
87% of security providers now offer compliance services.
44% of managed compliance providers state that at least a quarter of their compliance revenue is recurring.
28% of consulting-first security services firms report at least a quarter of their compliance revenue is recurring.
Cybersecurity Controls have been identified as one of the top three "hot" compliance topics for 2025, with 38% of investment adviser firms listing it as a leading priority.
46% of respondents at investment adviser firms reported increased compliance testing around AI—up from 32% last year, but 44% of firms that have adopted AI tools have no formal testing or validation of the outputs from their AI tools.
Cybersecurity ranks as the #2 top area for increased testing, with 55% of CCOs at investment adviser firms reporting heightened focus in this domain.