Saturday, 20th October 2018

Many businesses still have never heard of GDPR, or don’t understand it

New analysis has found that 15% of IT professionals in the UK, US and Germany have never heard of GDPR, even following its enforcement.

In an analysis of the views of 500 IT and cyber security professionals, global security software company Avecto found that as well as many businesses not knowing about GDPR, 25% had heard of it but did not understand it. It was also revealed that 47% of those questioned believe the regulation isn’t strong enough.

Of those that were familiar with GDPR and had processes in place to prepare for it, many are yet to implement relatively simple measures to contribute towards compliance. Just 33% of UK professionals said that they carry out a monthly audit of employee and customer data, and only 40% work for companies that restrict administrator rights to protect customer and employee data, even though a foundational principle of GDPR is controlling privileged access.

The findings also demonstrated that many companies do not have a dedicated member of staff to handle data protection. Only 63% and 46% of UK and US professionals respectively work at companies with an internal or external data protection officer, and just over 30% keep a data breach log in both of these regions.

Simon Langton, VP of Professional Services at Avecto, said: “It’s worrying that so many organisations are still confused by the regulation and what they need to do. With the regulation now in force, businesses are at risk of a fine if they aren’t operating in compliance with the regulation.

“GDPR does offer guidelines, but it is open to interpretation in terms of specific processes that businesses need to put in place. However, having access to the skills to manage data protection, regularly auditing data and implementing simple security measures, such as limiting administrative privileges and implementing application whitelisting software, is vital to help organisations keep data safe and achieve ongoing compliance.”

Despite 59% of cybersecurity professionals saying the widening workforce gap puts their organization...
Working with NCC, Everton FC deploys SureCloud GDPR Suite to help accelerate its compliance strategy...
Thycotic has released the findings from its 2018 VMworld survey of more than 250 IT operations prof...
The majority of executives (87%) around the world cite untrained staff as the greatest cyber risk to...
Gemalto has released the latest findings of the Breach Level Index, a global database of public data...
Report reveals over a third of businesses will increase investment in data governance.
Radware has released findings from its second annual web application security report, Radware 2018 S...
Lockpath, a leading provider of integrated risk management solutions has integrated its Keylight Pla...