Corporate Compliance Insights

5 Hidden Costs of Data Security and Compliance

by Hmong Vang
April 20, 2016
Don’t be caught off-guard by these costs of compliance

Data security is not optional. Organizations owe it to their clients to protect sensitive client data. And market forces in the form of reputation damage, revenue loss and hefty fines (for regulated data) ensure that there is plenty of incentive to do so.

As organizations move to address increasingly sophisticated security threats, they are often caught off guard by the many hidden costs of security and compliance, realizing (too late) that safeguarding data from current and future threats is more resource-intensive than first imagined—and is growing more so with each passing day.

In part 1 of this series, I’ve outlined five hidden costs of security and compliance that organizations often encounter when embarking upon data integration and management projects.

Hidden Cost #1: Not Just CAPEX

Most companies focus on capital expenditure (CAPEX) when deploying or enhancing integration platforms. Organizations typically budget costs for the front end of the project (planning, implementation, hardware, software, etc.), but overlook the fact that new technologies require extensive subject matter expertise to properly operate and maintain. The personnel resources to support a new platform are usually pulled from an existing team to save costs, but it could take months or even years before those resources gain enough training and experience to become proficient with the new technology. This is especially true if the issue of data compliance is at play, which requires an entirely different skill set. Ultimately, to avoid a single point of failure or knowledge drain, organizations eventually find that they need to hire additional resources for redundancy. All of this increases operational expenditure (OPEX); however, ongoing OPEX costs are not typically budgeted for or forecasted in the project.

Hidden Cost #2: “Tacking on” Security

Project management teams tend not to engage security and compliance teams until the later phases of technology projects, depending on their SDLC frameworks. If these teams discover security or control issues with the implementation too late in the project schedule, the resulting problem is two-fold: (1) the issues may not be fully addressed before production, opening the organization up to risk, and (2) it will cost significantly more to remediate those issues post-production.

Hidden Cost #3: Continuous Compliance

If the project involves regulated data, independent attestations or certifications are required to show that your organization meets governing compliance standards such as HIPAA or PCI DSS. And while most organizations are prepared for initial certification costs, the costs of maintaining compliance and certifications over the long term are usually vastly underestimated–or overlooked entirely. These costs can be significant as enterprises struggle to keep up with ever-changing regulations and requirements that may demand new investments in technologies and/or expertise.

Hidden Cost #4: Continuous Creep

Similar to continuous compliance, continuous creep is another ongoing cost that organizations typically don’t anticipate. It’s the inevitable expansion—or creep—of an integration project as it grows to accommodate new data types, data sources, trading partners and technologies. And when dealing with sensitive or regulated data, every one of these additions must be accounted for in the overall compliance strategy. Therefore, as the scope of your project increases, so too does the scope of resources required to maintain compliance due to added complexity and/or need for additional controls.

Hidden Cost #5: Opportunity Cost

Perhaps the biggest hidden cost of all is opportunity cost. What innovations will never be made because an organization is focusing its resources on data security, compliance and “keeping the lights on,” rather than enabling new or expanded business capabilities?


Hmong Vang is Chief Trust Officer at Liaison Technologies. Hmong fosters direct trust relationships with Liaison’s customers, employees and partners by ensuring the company is consistently delivering on its information security, privacy and compliance commitments. Prior to joining Liaison, Hmong held strategic leadership positions at several global organizations including LabCorp, Covance and Equifax. Hmong holds a Bachelor of Science degree in Computer Engineering Technology from Southern Polytechnic State University.
