35.3% of teams at financial organizations automate access to high-risk systems requiring elevated privileges with real-time logging.

0.3% of financial organizations surveyed admitted to having failed an audit in the past year.

49.3% of teams at financial organizations spend 10–25 hours monthly preparing audit data.

8.9% of financial organizations are investing in identity lifecycle management.

35.2% of financial organizations plan to invest in real-time audit log solutions.

33.9% of teams at financial organizations use role-based access with limited audit trails for access to high-risk systems requiring elevated privileges.

Managing third-party access (35%), tracking least privilege enforcement (24.2%), and producing audit logs (23.1%) remain the biggest pain points for financial organizations.

52% of teams at financial organizations manage 10–20 high-risk systems requiring elevated privileges.

31% of teams at financial organizations revoke access to high-risk systems requiring elevated privileges in hours, while 38% do it instantly.

Apart from the GDPR and ISO 27001/27001, other regulations mentioned as challenging by financial organizations include SOX (10.9%), GLBA (8.4%), and NYDFS (7.4%).

17.7% of teams at financial organizations report spending 25+ hours monthly on gathering data for audits and access reviews.

25.1% of financial organizations plan to invest in compliance automation platforms.

Only 17% of healthcare organizations list compliance as a top concern.

42% of healthcare companies failed an identity-related compliance audit.

Nearly a third (29.5%) of iGaming operators found keeping up with new regulations "very challenging".

One in four (25%) flagged compliance navigation as their biggest challenge with security solutions.

Only 12% of companies feel "completely prepared" to address the global patchwork of data privacy laws.

Slightly more than a third (34%) of companies have implemented continuous monitoring for AI, highlighting a gap in managing AI-related risks and compliance failures.

When asked about the top challenges when acting on threat intelligence, 38% of CISOs said regulatory constraints.

51% of respondents said compliance and regulatory demands are the reason why AI workloads are in a combination of private cloud and on-premises environments.