What are you looking for ?
Mobile Search Icon
Mobile Menu Icon
Infinidat
Articles_top

General Data Protection Regulation Survey – Guidance Software

Majority of US and UK companies behind schedule preparing for new regulation

This is a Press Release edited by StorageNewsletter.com on May 29, 2017 at 2:51 pm

Guidance Software, Inc., maker of EnCase, in forensic security, announced at Enfuse 2017 the results of a survey of companies on the General Data Protection Regulation (GDPR).

Set to go into effect on May 25, 2018, GDPR requires all organizations doing business in EU member countries to comply with new regulations governing the data privacy rights of EU citizens.

With nearly 5 billion data records exposed in the past 4 years alone there is a clear trend toward stronger protection of consumer data, and GDPR is a major first step in that direction,” said Anthony Di Bello, senior director, products, Guidance. “This data suggests that many organizations are, on the whole, behind schedule for compliance. Security leaders must make GDPR a priority over the next year in order to avoid major financial penalties.”

Highlights of the survey include:
    •    Companies are not far along with GDPR planning: Only 15.7% of companies surveyed are in advance planning for GDPR, while 24% of organizations say they will not be ready by the May 2018 deadline.
    •    Bigger companies are further along: 43% of organizations with $1 billion or more in revenues currently have processes that can identify data records of any EU citizen and determine where that data is being processed. This compares to 26.8% of organizations with less than $100 million in sales.
    •    Top 3 activities to be GDPR compliant: For all companies, thetop 3 activities to become GDPR compliant are:

Use/maintain policies/procedures for the anonymization and de-identification of personal data (24.9%).

Conduct a full audit of EU personal data manifestation (22.8%).

Use US Cloud repositories implemented with EU encryption (21.4%).

Evaluate all third-party operational partners that access personal data transfers (21.4%).

    •    Identifying data records of EU citizens: More than half of companies surveyed have not yet begun to evaluate third-party products or developer processes to identify data records of EU citizens.
    •    Hiring Data Protection Officers: When asked to prioritize the recruiting and training a qualified data protection officer, 23.7% named it a high priority; 18.1% named it a medium priority; and 15.4% named it a low priority.

The survey questioned 225 senior-level IT security executives from the US and UK in April 2017.

Articles_bottom
AIC
ATTO
OPEN-E