Majority of CISOs begin prioritising GDPR compliance

Over half (52%) of financial services CISOs are focusing on GDPR compliance as an investment priority for the upcoming year, data from the Network Group Events’ 2017 Financial Services Information Security Network event shows.

The survey found that nearly three quarters (74%) of CISOs in the sector were prioritising security governance and compliance management in their cyber-security strategies, up from 64% at the 2016 event. This data highlights the areas of compliance CISOs will be focussing on ahead of the GDPR regulation coming into effect in May 2018.


The results also show that a growing number of CISOs are prioritising security awareness measures, with 46% naming them as an investment priority, a rise from 29% in 2016.

However, despite a number of high-profile attacks, including those on Tesco Bank and TalkTalk, CISOs continued to focus less on DDoS protection, with just 23% planning to invest in systems that combat these attacks.


Jake Summerfield, managing director at The Network Group Events, said: “Financial institutions are facing what can seem like an overwhelming challenge to ensure their systems and processes are compliant with the incoming GDPR regulation, and it can be difficult to prioritise this amongst day-to-day security threats.”

“However, as our data shows, investment in GDPR compliance is clearly a key priority for CISOs. With this new regulation on the horizon, it’s not surprising that 74% of CISOs are prioritising investment in security governance and compliance management. Ensuring compliance with GDPR is going to be a momentous task for financial services firms as they adapt their processes and systems in line with the new regulation, but it’s crucial that these firms do not do so at the expense of investing in other vital security measures.”


The survey polled over 70 financial services security experts at the CISO or head of information security level about their cyber security strategies for 2017-18 and what measures they would be investing in.

More than two-fifths of the CISOs surveyed came from large firms with over 10,000 employees, whilst 39% of respondents were from financial services companies that had a turnover of over £1.6 billion.


Nick Ismail