
The Insider Threat Security Manifesto: Beating the threat from within

Regulatory requirements

SOX Compliance

Only 50% of IT decision makers in US finance sector organisations told us they were SOX compliant. Among those in organisations of over 10,000 staff (and therefore more likely to be publicly listed, which is what brings a company within the scope of SOX), 78% told us they were compliant.

PCI DSS Compliance

Most businesses accept card payments, but the sectors where transaction volumes tend to be high, and where PCI DSS compliance therefore matters most, are naturally retail and finance. Even so, only 27% of IT professionals in retail businesses across the UK and the US told us they were PCI DSS compliant, with 50% saying they did not know whether they were or not. Finance was worse still: 52% said they did not know, and only 19% stated they were compliant.

HIPAA Compliance

IT professionals in the US health care industry appear to be stricter with regard to regulatory adherence, as 82% told us they were HIPAA compliant. However, this still left 7% who said they were not, and 11% who did not know.

Know your regulatory requirements

The key takeaway is that, in general, IT professionals are not as aware of the regulatory requirements their industry is subject to as they should be. Not knowing whether you are compliant is itself a finding: these regulations require IT decision makers to understand and address them, because the controls that satisfy them (access control, logging, data protection) are largely implemented in technology.


Make regulatory requirements a part of your security policy