Vanta, the leading trust management platform, today released its annual State of Trust Report, an in-depth analysis uncovering global trends in security, compliance and the future of trust. Despite their best efforts, two-thirds of businesses (67%) say they need to improve security and compliance measures with nearly one in four (24%) rating their organization’s security and compliance strategy as reactive.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20231108108753/en/
Vanta’s annual State of Trust Report is an in-depth analysis uncovering global trends in security, compliance and the future of trust. Despite their best efforts, two-thirds of businesses (67%) say they need to improve security and compliance measures with nearly one in four (24%) rating their organization’s security and compliance strategy as reactive. (Graphic: Business Wire)
Businesses today are navigating an unprecedented security landscape. The expansion of attack surfaces in a post-pandemic hybrid world, combined with shrinking teams and budgets and the rapid rise of Generative AI, are fueling an urgent need for companies to improve — and prove — their security posture.
For companies of all sizes, limited risk visibility and resource constraints make it challenging to improve their security. Only four in ten organizations rate their risk visibility as strong. Meanwhile, one in four have downsized IT staff and 60% have either already reduced IT budgets or are planning to as they continue grappling with the challenging global economic environment.
Conducted by Sapio Research on behalf of Vanta, the State of Trust 2023 Report surveyed the behaviors and attitudes of 2,500 business leaders across Australia, France, Germany, the UK and U.S. to understand the challenges and opportunities they’re facing when it comes to security and trust management.
The security improvement imperative
With rising risk and shrinking resources, the message is clear: businesses need new methods to improve their security. Compounding the urgency is ever-evolving global regulation and the growing time-suck of complying with an increasing number of standards. In an environment where customers want more insight into a company’s security practices, organizations are at an impasse.
Two-thirds say that customers, investors and suppliers are increasingly looking for proof of security and compliance. While 41% provide internal audit reports, 37% third party audits, and 36% complete security questionnaires, one in eight (12%) admit they don’t or can’t provide evidence when asked. That means companies around the world are falling at the very first hurdle – costing them potential revenue and growth opportunities in new markets. Additionally:
- Businesses spend an average of 7.5 hours per week – more than 9 working weeks a year – on achieving security compliance or staying compliant.
- Over half (54%) are concerned that secure data management is becoming more challenging with AI adoption with 51% saying that using Generative AI could erode customer trust.
- The two biggest barriers to proving and demonstrating security externally are a lack of staffing and lack of automation to replace manual work.
- Only 9% of businesses’ IT budgets are dedicated to security, with 1 in 3 leaders saying their IT budgets are continuing to shrink.
- Identity and access management and data processing that doesn’t comply with regulations are the two biggest blind spots for organizations.
Despite all countries continuing to grapple with the unique set of security and compliance challenges, the survey findings illustrate the vast differences experienced across timezones:
- Leaders in the U.S. are most likely to delay entering new markets due to compliance requirements, admitting they’re not prioritizing compliance due to the financial investment.
- Respondents in Australia are the most concerned about Generative AI’s potential impact on customer trust.
- Germany is one of the most likely to say that the volume of standards and regulations is a barrier to maintaining a robust security program.
- 76% of leaders in France say they need to improve security and compliance, the highest of all markets.
- Organizations in Australia are least likely to be able to provide proof of compliance to customers.
- UK leaders are more concerned with keeping up to date with evolving regulations than any other market.
- Companies in the U.S. believe they could save at least 3 hours a week by automating security and compliance tasks – the highest of any country.
The trust management tipping point
Ultimately, better security improves efficiency, builds trust and boosts the bottom line. A majority 70% of leaders say that a better security and compliance strategy positively impacts their businesses thanks to stronger customer trust, while nearly three in four (72%) agree that a better security and compliance strategy would make them more efficient.
An overwhelming 83% of businesses have or plan to increase their use of automation, particularly for reducing manual work and streamlining vendor risk reviews and onboarding. All in, respondents believe they could save at least two hours per week – over 2.5 working weeks a year – if security and compliance tasks were automated.
“The business case for trust management is undeniable,” says Christina Cacioppo, CEO, Vanta. “For companies at the forefront of disrupting the security status quo, centralizing processes, automating compliance and accelerating security reviews can turn trust into a truly marketable advantage. By closing the loop on the security lifecycle from compliance through continuous monitoring and communication, businesses can transform how they build trust and ultimately unlock growth.”
The future of trust in an AI World
Automation and Generative AI are top of mind for IT and business decision makers with 77% of businesses already or planning to use AI/ML to detect high risk actions.
When done right, AI has an undeniable power to accelerate security workflows and transform trust. Respondents believe the biggest potential of AI will be improving the accuracy of security questionnaire responses (44%), eliminating manual work (42%), streamlining vendor risk reviews and onboarding (37%), and reducing the need for large teams (34%).
On December 5, Vanta will host VantaCon: The Future of Trust in an AI World. Bringing together the foremost experts on the intersection of AI and trust, VantaCon speakers include Christina Cacioppo, Aaron Levie, Nat Friedman, Andrew Reed, Sarah Guo, Harrison Chase, Eric Newcomer and much more. To learn more, visit https://vantacon2023.com.
About Vanta
Vanta is the leading trust management platform that helps simplify and centralize security for organizations of all sizes. Over 6,000 companies including Atlassian, Autodesk, Chili Piper, Flo Health and Quora rely on Vanta to build, maintain and demonstrate their trust—all in a way that’s real-time and transparent. Founded in 2018, Vanta has customers in 58 countries with offices in Dublin, New York, San Francisco and Sydney. For more information, visit www.vanta.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20231108108753/en/