Businesses are still failing to prepare for the introduction of the General Data Protection Regulationin 2018, with only 38% of companies having any sort of plan that will protect their position when it comes into force, according toa report by Compuware.
However, two thirds of businesses said they are well-briefed on the GDPR and the impact it's likely to have on their business, which is an increase of 55% compared to the same point last year.
Compuware's report uncovered that US businesses are much better prepared than UK firms. 60% of companies over the pond have a detailed plan in place for dealing with the European customers' data, while only 19% of UK-based organisations described their preparation as 'detailed.'
"Businesses are clearly heading in the right direction on GDPR compliance, but there is still a long way to go in a very short timeframe," said Dr Elizabeth Maxwell, PDP, Technical Director, EMEA, Compuware.
"UK businesses may be behind due to initial uncertainty over the impact of Brexit," she added. "But any organisation doing business in Europe will need to fall into line by the May 2018 deadline. Failure to comply could lead to devastating consequences should a data breach occur, something all too common given the growth of cybercrime and insider threats."
The biggest barriers to companies developing a clear plan of action were data complexity and understanding what the regulations mean. Three quarters of businesses said the complexity of modern IT is making it too confusing to know where their customer data is. Only half said they know where all their customer data lives within their network and more than a third said they'd struggle to find the data if regulators asked for it.
"It will be impossible to comply with the GDPR's Right to be Forgotten if organisations can't find customer data," continued Maxwell.
"Due to its security and scalability, most large organisations store most of their customer data on the mainframe," she said. "This data usually resides in a complex rabbit warren of databases spanning multiple systems, and organisations use manual, time-consuming methods to find and extract it. Businesses need an automated way to map and visualise data relationships, so they can quickly find the specific and relevant data and delete it, without needing specialist skills."
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
UK financial services firms are scrambling to comply with DORA regulationsNews Lack of prioritization and tight implementation schedules mean many aren’t compliant
-
What the US-China chip war means for the tech industryIn-depth With China and the West at loggerheads over semiconductors, how will this conflict reshape the tech supply chain?
-
Former TSB CIO fined £81,000 for botched IT migrationNews It’s the first penalty imposed on an individual involved in the infamous migration project
-
Microsoft, AWS face CMA probe amid competition concernsNews UK businesses could face higher fees and limited options due to hyperscaler dominance of the cloud market
-
Online Safety Bill: Why is Ofcom being thrown under the bus?Opinion The UK government has handed Ofcom an impossible mission, with the thinly spread regulator being set up to fail
-
Can regulation shape cryptocurrencies into useful business assets?In-depth Although the likes of Bitcoin may never stabilise, legitimising the crypto market could, in turn, pave the way for more widespread blockchain adoption
-
UK gov urged to ease "tremendous" and 'unfair' costs placed on mobile network operatorsNews Annual licence fees, Huawei removal costs, and social media network usage were all highlighted as detrimental to telco success
-
Labour plans overhaul of government's 'anti-innovation' approach to tech regulationNews Labour's shadow innovation minister blasts successive governments' "wholly inadequate" and "wrong-headed" approach to regulation
