Dell has announced results of a global survey on the European Union’s new General Data Protection Regulation (GDPR), revealing that organisations ‒ both SMBs and large enterprises ‒ lack general awareness of the requirements of the new regulation, how to prepare for it, and the impact of non-compliance on data security and business outcomes.
Designed to strengthen protection of personal data for all EU citizens, the new regulation goes into effect in May 2018 and affects companies of all sizes, in all regions, and in all industries. Those not fully compliant when GDPR goes into effect risk significant fines, potential breaches and loss of reputation.
Survey results show that 82 percent of global IT and business professionals responsible for data security at both SMBs and enterprises are concerned with GDPR compliance. Although the majority of global IT and business professionals express compliance concerns, respondents lack general awareness of GDPR, and they are neither prepared for it now, nor expect to be when it goes into effect.
The study revealed that more than 80 percent of respondents say they know few details or nothing about GDPR and less than one in three companies feel they are prepared for GDPR today
Results further show that while organisations realise failure to comply with GDPR will impact both data security and business outcomes, they are unclear on the extent of change required, or the severity of penalties for non-compliance and how changes will affect the business. Seventy nine percent say they would not, or were not aware whether their organisation would face penalties in its approach to data privacy if GDPR had been in effect this past year.
John Milburn, Vice President and General Manager, Dell One Identity Solutions, said, “The European Union General Data Protection Regulation is the first update to European data protection laws since 1995, when the Internet was in its infancy and the constantly evolving cyber threats we know today did not exist. This survey reinforces the global lack of general understanding of GDPR, the scope of the regulation, and what organisations need to do to avoid stringent penalties. Results also show that while some organisations ‘think’ they are prepared, they will be in for a rude awakening if they experience a breach or must face an audit and are subject to the consequences of non-compliance with GDPR.”
The EU GDPR was adopted by the European Parliament and Council this year, and becomes fully effective in 2018.
Patrick Sweeney, Vice President, Product Management and Marketing, Dell SonicWALL, said, “This new regulation provides uniform data protection rights across the EU, and, to be in compliance, both European organisations and those outside of Europe that do business there must adopt an adaptive, user-centric, layered security model approach around the tenets of prevent, detect, respond and predict. To be GDPR-compliant, they need security solutions that enable them to prevent attacks, detect a potentially dangerous presence in their networks, respond quickly to that threat, and analyse and report on the health of their networks in real time.”