CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your survey with us: editor@corporatecomplianceinsights.com.
61% consider removing DEI language from outward-facing communications
A majority of C-suite executives (51%) are considering rolling back aspects of their DEI programs following President Donald Trump’s executive orders targeting such initiatives, according to new research from global law firm Littler. The firm’s post-inauguration survey, conducted Jan. 30-Feb. 7, found that many organizations are focusing primarily on reducing the visibility of their programs rather than eliminating them entirely.
Among executives considering DEI rollbacks, the largest share (61%) are weighing whether to remove or reduce DEI-related language from their websites, proxy statements and outward-facing communications. More substantial programmatic changes are also under consideration, with 52% contemplating eliminating DEI benchmarks and metrics, 45% considering scaling back employee training and 38% potentially ending incentives tied to advancing DEI priorities.
Despite these potential changes, most organizations appear reluctant to dismantle their programs completely. Only 8% of the 340 C-suite leaders surveyed are seriously considering significant changes, and just 22% of those weighing rollbacks are considering reducing or eliminating DEI-focused roles.
“We’re discussing ways to thread the needle in a way that maintains dedication to diversity and inclusion for all,” noted one executive, reflecting the balancing act many companies are attempting between maintaining workplace inclusion efforts and responding to the new political climate.
Other key findings:
- 60% of organizations are awaiting further details on the administration’s priorities and enforcement mechanisms before making program changes.
- 55% report increased concern about DEI-related lawsuits, government enforcement actions and shareholder proposals following the inauguration.
- Large organizations (5,000+ employees) are more than twice as likely as smaller companies to be considering program changes (37% vs. 16%).
- 53% of executives believe anti-DEI policies from the Trump Administration, which are facing court challenges, will lead organizations to decrease their DEI commitments over the next 12 months, up from 38% pre-inauguration.
88% of depositors would accept lower returns for values alignment and deposit safety
9 in 10 depositors would accept a lower rate of return on their deposits if their financial institution aligned with their values and assured the safety of deposits, according to new research from finserv firm Ampersand. The report, which includes surveys of 264 executives and senior managers involved in deposit decisions, reveals that liquidity of funds and robust security measures are the factors that would most improve depositors’ experiences.
The study found that safety and security remain paramount concerns for depositors, with 90% citing concerns about the safety of their deposits today and even stronger concerns for the future. In response, 70% of respondents have already made changes to their deposit behavior, primarily by moving funds to larger banks, using deposit protection products, or spreading funds across multiple institutions.
“While safety and security remain at the forefront for Depositors, liquidity of funds is also of utmost importance today,” notes the report. “Fully insured deposits is in the top 3 of what’s important to Depositors when deciding where to deposit their funds.”
Other key findings:
- 61% of respondents are limited in their ability to select a new financial institution due to existing mortgage agreements, though 88% of those would consider moving deposits if they could.
- 88% of financial services professionals agree that demand for values-based banking products has increased recently.
- While large institutions are seen as best equipped to offer attractive rates and safety assurances, 58% believe mid-sized institutions are poised to offer tailored deposit solutions aligned with customers’ needs and values.
- Fee levels, fully insured deposits, and attractive rates ranked as the most important factors for non-financial sector depositors when choosing where to place their funds.
- Key barriers to switching financial institutions include existing relationships, concerns about switching costs, potential service disruptions, and the perceived complexity of the process.
48% of GRC professionals struggle to keep pace with compliance changes
Nearly half of GRC professionals are finding it difficult to stay current with updates to existing compliance frameworks, according to new research from Drata, a compliance automation provider. The company’s research reveals that 96% of respondents cite high-profile breaches and compliance fines as reasons GRC is getting more attention within organizations.
Despite these challenges, 98% of professionals surveyed believe GRC achievements are worth highlighting to customers and other stakeholders to build trust. The research also found that GRC teams spend a median of 14 hours per week on manual interventions, while 45% of respondents worry about balancing compliance with innovation, data privacy protection and maintaining operational resilience.
“Governance, risk, and compliance has long been a pain point for organizations, and despite the improvements we’ve seen recently, it’s clear lots of these challenges still exist today, making it difficult for business to properly maintain their GRC program and effectively maintain trust,” said Matt Hillary, Drata’s chief information security officer and VP.
Other key findings:
- 51% of businesses experienced brand safety and reputation issues due to inadequate compliance postures and processes.
- 49% reported security or data breaches resulting from compliance shortcomings.
- While 100% of companies surveyed expect employees to increase their use of AI technologies in the next 12 months, only 10% have a GRC program fully prepared to manage it.
- 46% believe AI will improve regulatory compliance, but 43% fear AI biases impacting GRC decision making and 39% worry about AI hallucinations giving incorrect GRC guidance.
Ransomware attacks increase as threat actors double, report finds
The number of cyber threat actors nearly doubled in 2024, rising 96% from 27 to 53 separate groups, according to new research from global cybersecurity consultancy S-RM. The firm’s 2025 “Cyber Incidents Insights Report” reveals that ransomware remained the leading attack type for the third consecutive year, accounting for over one-third of all incidents the company responded to.
Despite the proliferation of threat actors, organizations are becoming more resilient to ransom demands. The proportion of incidents resulting in ransom payments has nearly halved since 2022, indicating improved organizational defenses and recovery capabilities.
“Last year was about staying nimble and adaptable as the number of threat actors proliferated,” said Paul Caron, head of cybersecurity for the Americas at S-RM. “With increased competition for potential targets, cybercriminals sought out a greater variety of targets, going beyond large companies to include small and medium-sized businesses.”
Other key findings:
- Exploited vulnerabilities in public-facing systems accounted for 39% of entry methods in extortion cases S-RM supported in 2024.
- The number of organizations posted on ransomware and data-theft leak sites grew by 13% in 2024, down from 70% growth the prior year.
- Small businesses are increasingly in the crosshairs, with a 53% increase in the number of small businesses named on ransomware leak sites.