Home » Organizations feel unprepared for new cybersecurity regulations

Organizations feel unprepared for new cybersecurity regulations

A newly released report reveals that despite increased cybersecurity budgets and strategy shifts, many organizations still feel unprepared for rising cybersecurity regulations. The report, based on a survey of 500 cybersecurity decision-makers at large enterprises in the US and UK, found that only 40% feel fully prepared to meet compliance demands. The survey, conducted by Swimlane, investigated how the changing regulatory environment influences security budgets and compliance strategies. According to Michael Lyborg, CISO at Swimlane, “Geopolitical turmoil and complex regulations have made cybersecurity a strategic imperative.”

He added that while regulations drive strategy changes and budget increases, talent shortages and fragmented infrastructure remain obstacles to compliance. Key findings from the report include:

1. 93% of organizations have rethought their cybersecurity strategy due to new regulations, with 58% completely reconsidering their approach. 2. 92% reported an increase in allocated budgets, with 36% seeing increases of 20-49% and 23% seeing increases over 50%.

Unprepared organizations adapt to regulations

3. Only 40% feel confident they have made the necessary investments to fully comply with relevant regulations. 4. 56% stated they could report security incidents within 1-2 business days, but 45% report increased reporting time over the past year. 5. Regarding the Cyber Resilience Act (CRA), only about one-third expressed full confidence in their current ability to meet key requirements. Cody Cornell, co-founder and chief strategy officer of Swimlane, emphasized the importance of robust cybersecurity for national security infrastructure based on his experience working at government agencies. He stated, “Our research shows a clear disconnect between the strategic changes organizations are making and their confidence in achieving full compliance. This highlights the need for a comprehensive approach that addresses not just technology investments but also talent, training, and streamlined workflows to navigate the dynamic regulatory environment.” The survey was conducted online by Sapio Research under the guidance of Swimlane in March and April 2024 using an email invitation and online survey among cybersecurity decision-makers at enterprise companies with at least 1,000 employees in the United States and United Kingdom.

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.