Trend Micro found that C-suite executives are not approaching the regulation with the seriousness required, resulting in overconfidence when it comes to GDPR compliance.
On the one hand, Trend Micro's research shows that companies believe in their awareness of the principles behind GDPR: 95% of executives know that they need to comply with the regulation, 85% have reviewed its requirements, and 79% think that their data is secure.
On the other hand, Gartner Inc. predicts that by the end of 2018, more than 50% of companies affected by the GDPR will not be in full compliance with its requirements. The research company recommends organizations act now and focus on five high-priority changes to get up to speed with GDPR requirements. The changes include the determination of a company’s role under the GDPR, appointment of a data protection officer (DPO), demonstration of accountability in all processing activities, checking of cross-border data flows and preparation for data subjects exercising their rights.
In order to start preparation, every company has to know what Personally Identifiable Information (PII) needs to be protected.
Trend Micro's survey shows that respondents don't classify the following data as PII: a customer's date of birth (64%), physical addresses (32%), and a customer's email address (21%).
The above-mentioned information is enough to commit identity theft. Moreover, a company that doesn't protect this kind of information will face a fine.
According to the survey, the size of the fine is another big issue. Penalties will reach an upper limit of €20 million or 4% of annual global turnover. Two thirds of the respondents appear to be dismissive of the amount they could be fined without the required data protection, while one third agree that almost 4% of their annual turnover could be sacrificed.
Speaking about the consequences of data loss for businesses, 66% think that a company's reputation and brand can suffer immensely, while 46% believe that this will have the largest effect among existing customers.
It has to be mentioned that 65% of companies choose the IT department to oversee compliance with GDPR requirements, while only 27% believe that it is the CISO and security team that should deal with this.
GDPR mandates that companies implement the most advanced technologies relative to the risks faced. However, businesses invest to the same extent in intruder identification, data leak prevention and encryption technologies.
The General Data Protection Regulation (GDPR), created by the European Union, has been four years in the making and was finally approved on April 14, 2016. The regulation goes into effect on May 25, 2018, and businesses all over the world should be well prepared to function under it.