CYBERSTATS

Security Intelligence

VendorsRegScale

RegScale

Cybersecurity reports and statistics published by RegScale

8 categories2 reports

Research Reports

Reports and publications from RegScale

The CISO Society 2025 State of Continuous Controls Monitoring Report

he CISO Society 2025 State of Continuous Controls Monitoring Report

Recent Statistics & Reports

75% of retail and consumer goods and 62.5% of entertainment and media corporations are coping with the lack of a centralized system, but retailers are also challenged by silos within their data (75%).

ComplianceRegulatoryChange Management

Roughly 50% of CISOs expect automation to optimize compliance through a single pane of glass.

ComplianceAutomationGovernance

25.5% of CISOs assume current GRC processes are not broken.

ComplianceProcessStandardization

13.7% of CISOs said their compliance program is a 1 (“Initial: ad-hoc”), and 23% said their program is a 2 (“Established: documented and repeatable”).

ComplianceCompliance progran

More than a third (37.8% of CISOs) said their relationship between compliance and security is in a phase of simple negotiations.

ComplianceSecurity

69.7% of CISOs said cost is most important when selecting tools/vendors to provide governance and continuous controls monitoring.

ComplianceResourcesPersonnel

53.2% of CISOs take note of their organisation's regulatory requirements.

ComplianceDuplicationProcess

66.7% of education businesses are challenged by audit readiness and their maturing compliance program.

ComplianceAudit ManagementImplementation

230 million of the breached passwords met standard complexity requirements, including length, capitalisation, numbers and special characters.

ComplianceControl MappingRegulatory Requirements

30% of CISOs spend less than $100,000 annually on compliance.

ComplianceCostBudget

Most organisations (57.9%) spend at least some of their budget on GRC tools to collect and maintain compliance evidence.

ComplianceGRC ToolsBudget

Almost half of the CISOs who rated their compliance programs a 1 or 2 attributed their difficulties to a lack of personnel or resources.

ComplianceCompliance programPersonnel

Of the organisations that measure the operational cost of managing compliance, 10.1% track IT costs.

ComplianceDuplicationProcess

76.1% of CISOs said integrations are most important when selecting tools/vendors to provide governance and continuous controls monitoring.

ComplianceCI/CDTechnology

40.4% of CISOs are challenged by the lack of a centralized system as a challenge in satisfying regulatory requirements.

ComplianceCentralized SystemRegulatory Requirements

Almost one-third (31.1% of CISOs) believe that their company’s resistance to change is primarily driven by financial matters.

ComplianceCI/CDIntegration

26.1% of CISOs cited the rate of regulatory change as a challenge in implementing new or updated compliance frameworks.

ComplianceRegulatoryCompliance frameworks

43.6% of CISOs cited control mapping as a challenge in implementing new or updated compliance frameworks.

ComplianceControl MappingCompliance frameworks

38.5% of CISOs said GRC tools are too expensive.

ComplianceGRC ToolsCost

17.6% of CISOs believe that manual processes are easier than using Compliance as Code.

ComplianceProcessEfficiency

Showing 1-20 of 70 results

Top Categories

Regulatory Requirements

8

7

7

Related Vendors