NTT Security’s 2017 Risk: Value report brought to light some troubling statistics ahead of 25 May 2018 – the deadline for data compliance – suggesting one in five bosses were unsure whether GDPR applied to their company.
Essentially, any data that can be used to identify a person, spanning gender, culture, even IP addresses and biometric verifications, is considered personal. And if you’re in the business of using such data then you need to be GDPR compliant.
So there’s a lot to take into account, making the statistics unveiled in NTT’s 1,350-respondent-strong survey worrying, given that the legislation applies to any company in the world holding or collecting data from those living in Europe.
“The fact bosses do not know and thus haven’t done their research means there is no plan of action in place,” Linda McCormack, vice president UK & Ireland at NTT Security, said. “While our respondents are not in an IT function, they should still be aware of any new compliance regulations affecting their company’s security and data, especially as the implications of non-compliance are very serious.
“Many see it as a costly and time-consuming exercise that delivers little or no value to the business, yet without it, they could find themselves losing customers, or having to pay very large regulatory fines.”
Indeed, fines could be up to four per cent of total global annual turnover or €20m, whichever is greater. But companies could stand to lose much more if data compliance isn’t met. According to NTT, hacked UK companies that don’t follow GDPR procedure could face an estimated drop in revenue of 9.45 per cent. Some 64 per cent of survey respondents even claimed it could lead to a loss of customer confidence, as well as damaged reputation (67 per cent).
Despite this, only 47 per cent report that preventing a security attack is a regular boardroom agenda item. And while 65 per cent have an incident response plan in place, only 44 per cent are aware of what it entails.
Of more concern, however, was that 39 per cent thought data compliance didn’t concern their business – the lowest percentage among the 11 analysed European countries. McCormack explained: “In theory, UK organisations should be well ahead of the curve when it comes to the EU GDPR, given that it is a European data protection initiative. Brexit is no excuse, as British companies will still need to comply when dealing with countries in the EU.”