More than a quarter of organisations are still not GDPR ready, says study

The deadline to be GDPR compliant was the 25th of May. However, when the cyber security firm, Imperva conducted a survey at Infosecurity Europe in London last week, they found that 28% of organisations are still not prepared for it.

The survey based on the views from 185 attendees including IT professionals, managers and executives, also found that 16% were not confident they would pass their first GDPR audit.

>See also: 82% of organisations do not know where all their critical data is kept

Terry Ray, CTO of Imperva, said “Any company that put GDPR off until the last minute now realises compliance cannot be achieved overnight. It does not surprise me that many organisations feel unsure about the idea of a GDPR audit. The truth is many would fail.”

The survey asked if respondents knew where all users personal data resided on their system, more than a third said they do, while more than half said they would need an extra three months to get their house in order.

Contrarily, almost 90% said they could easily respond to requests from individuals asking to disclose the information they hold on them, with 57% saying their organisation had already received such a request.

>See also: Data breaches to fuel increase in global infosec spending

Tony Richards, group CISO at Falanx Group, said: “The results don’t surprise me as an indication of the state nationally. Organisations do seem fairly polarised on GDPR, with many businesses, especially SMEs either ignoring it or buying some basic policy packages peddled by “GDPR Experts” and thinking that they are covered.”

“On the other hand, you have organisations who are either using qualified consultants or investing internally to ensure that they are compliant. I think it boils down to whether the organisation, culturally, is customer-centric, and therefore they see value in protecting their customer’s privacy, or if they see it as a compliance issue with the bare minimum to be done, if at all.”

>See also: European workers showing security fatigue, says HPE Aruba

Nominations are now open for the Women in IT Awards Ireland and Women in IT Awards Silicon Valley. Nominate yourself, a colleague or someone in your network now! The Women in IT Awards Series – organised by Information Age – aims to tackle this issue and redress the gender imbalance, by showcasing the achievements of women in the sector and identifying new role models

Avatar photo

Andrew Ross

As a reporter with Information Age, Andrew Ross writes articles for technology leaders; helping them manage business critical issues both for today and in the future