Are cyber security failings exposing the GDPR readiness gap?

Concerns over organisation-readiness toward the upcoming EU General Data Protection Regulation (GDPR) implementation deadline are rife.

A survey from Varonis, which polled 500 cybersecurity professionals in the UK, Germany, France and US, has highlighted the extent of GDPR readiness shortcomings, with more than half (57%) of professionals concerned about compliance with the standard.

With just a few months before the May 25, 2018 deadline, 60% of respondents in the EU and 50% of respondents in the US say they face some serious challenges in being GDPR compliant.

>See also: Cyber security industry believes GDPR is ‘stifling innovation’

It found that 38% of respondents report that their organisations do not view compliance with GDPR by the deadline as a priority. One in four US respondents said their firms need not comply with GDPR. However, 74% believe that adhering to the GDPR will give them a competitive advantage over other organisations in their sector.

For UK respondents, 58% think that implementing data protection by design poses the greatest challenge in meeting the GDPR, followed by the right to erasure/”to be forgotten.”

At the same time, in the UK, 51% of respondents say their organisation is more than 50% complete in their compliance process.

>See also: IoT boom and GDPR raise the stakes of a cyber security breach

“It’s encouraging to see progress made surrounding the GDPR, and yet it’s deeply concerning that more than half of the organisations surveyed continue to face compliance challenges,” said Varonis CMO David Gibson.

“The GDPR represents a significant change in the way data must be handled. It’s alarming that so many respondents simply aren’t worried, especially given that many organisations are not tackling the biggest problems and best practices around data collection, management and protection. Ignorance is not bliss when it comes to the GDPR, and organisations that have fallen behind in their preparations must ramp up their compliance activities or they could take a serious financial hit once the regulations take effect.”

Avatar photo

Nick Ismail

Nick Ismail is the editor for Information Age. He has a particular interest in smart technologies, AI and cyber security.

Related Topics

Cyber Security
GDPR