I frequently hear complaints about the cost of compliance.

I can understand when it’s a regulation that forces a business to do something that is unnecessary and it is really just a costly “tick the box” exercise.

But, when it comes to cyber-related regulations (e.g. DORA), I don’t really understand.

Because most of the requirements in these regulations are just reflecting what it takes to effectively manage cyber risk.

And if you aren’t effectively managing cyber risk, the cost of an attack can be quite significant.

So what?

The cost of compliance is a bargain!