anecdotes First State of Security Compliance Report: Results are In

Batya Steinherz
May 23, 2024
June 9, 2022
Check out anecdotes First Annual State of Security Compliance Report
Table of Contents

Let's talk a bit about assumptions.

The Oxford Dictionary defines an assumption as a thing that is accepted as true or as certain to happen, without proof. You know, it’s like simply expecting that “the check is in the mail”, “dinner will be served”, and “for sure, parking is definitely allowed here”.

When an assumption turns out to be correct, you're in luck. The expected outcome occurs and you save some brain cells along the way. But by nature, as assumptions aren't proof-based, they often don’t pan out as expected. Following assumptions can lead you down a mistaken path, to places you never meant to go. And so it may just turn out that payment was never sent, food wasn't on the agenda, and now, you'll have to walk home (and pick up your car from the pound).  

At anecdotes, we’re all about PROOF, backed up via, well, evidence. That's why in the fall of 2021, we embarked on an epic undertaking. We decided it was high time to dispel myths and undo previously held assumptions regarding Security Compliance, the types of challenges Compliance professionals deal with, and their most acute pain points. And so we kicked off anecdotes’ First Annual State of Security Compliance Report.


With the help of analysts and researchers, we surveyed Compliance leaders (individuals who work at tech companies and are leading or taking an active part in their company’s Security Compliance efforts) across companies of all stages of maturity and growth. We asked them loads of questions, to analyze how tech companies perceive and tackle Compliance and to gauge the state of Compliance today. Ultimately, we wanted to give Compliance professionals and teams a glimpse into their peers’ pain points across different stages of a company's maturity, help them identify potential challenge areas before they become too complicated, and explore methods other teams are employing to perform more optimally.

The results were surprising, to say the least.

Like, who knew that at hyper-growth companies, their most pressing pain points are lack of manpower (47%), followed by lack of automation (42%), lack of budget (29%), and the growing complexity of their tech stack (27%)? Or that delays throughout the audit process, often due to a lack of understanding of requirements by the control owners, is one of 42% of surveyed Compliance professionals’ greatest pet peeves?

We also uncovered the impact of COVID on Compliance program planning and initiatives, trends in how leadership perceives Compliance across companies large to small, how companies plan on using their budgets in the upcoming months and years, and so much more.

Want to know more? You’ll have to wait for next week when the report is released. ‘Til then, sit tight.

Why Should You Read the Report?

Well, we all know that Compliance is not necessarily an attention-grabber, the way other areas of concern, like cyber security or finance, are. But as any smart Compliance leader knows, when examined deeply, Compliance can tell the story of how the company has grown and more importantly, how it is poised to mature in the future.

This is why it’s becoming increasingly critical to understand and facilitate this journey – and the first step in that undertaking is identifying the greatest challenges and pitfalls to be faced – such as lack of leadership support, scarcity of budget and people-power, and audit delays, among other issues – and examining the methods companies are using to rectify those challenges.

Relying on mere assumptions can take a Compliance leader down a path of misplaced effort and wasted resources. The purpose of this report is to provide a crystal-clear assessment of the state of Security Compliance today. With this fundamental data in hand, you’ll be able to stop making assumptions and get true data-backed insights to make an impact across your organization.

The report is going live next week, don't miss your chance to download it!

Batya Steinherz
Veteran explainer of complicated stuff. Loves all things coffee and cyber security-related (yes, even Compliance). Content Marketing Manager at anecdotes.
Link 1
Link 1
Link 1