Alert Logic Survey Finds Only 5 Percent of EU Companies Believe They are Compliant with GDPR
27 Percent Not Confident They Will Meet Deadline
LONDON, UK – October 18, 2017 – Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, today announced the results of a survey conducted with over 200 European-based companies. The survey results show that while most of the surveyed companies (77 percent) are familiar with the EU General Data Protection Regulation (GDPR), only 5 percent believe they are compliant with all applicable requirements less than a year before the regulation goes into effect. A further 27 percent were not confident they will be ready by the time GDPR is enforceable in May 2018.
The European Union General Data Protection Regulation (EU GDPR) goes into effect on May 25, 2018, representing a sweeping change in data privacy regulations. EU GDPR requires organisations that host data on European citizens to adhere to specific regulations that protect their personal data from being compromised. If companies suffer a data breach, they can be fined up to €20 million or 4 percent of turnover, whichever is greater.
Survey respondents were asked what challenges their company faces in becoming compliant with EU GDPR regulations. The most frequently mentioned challenge is a lack of budget (50 percent), closely followed by a lack of in-house IT expertise (48 percent) and limited understanding of the regulations (37 percent).
“Among the many articles of GDPR, EU companies are most concerned about Article 25, ‘Data protection by design and by default,’ likely because it requires significant system re-design and investment in data protection controls and processes,” commented Oliver Pinson-Roxburgh, EMEA Director at Alert Logic.
While the majority of those surveyed (61 percent) stated they have a formal process in place to notify authorities in the event of a data breach, only 39 percent confirmed that they always follow this process.
In terms of the enforcement of GDPR, the survey also revealed that approximately one third of EU-based companies (32 percent) expect substantial changes to their companies’ security practices and technologies in order to become compliant with EU GDPR policies. Moreover, a further third of organisations expect that regulators will issue a significant number of fines to companies found to be non-compliant; however, 42 percent expect that only a few organisations will be fined for non-compliance.
“Complying with GDPR is not straightforward. It will require detailed planning and collaboration with all the businesses in your chain, as well as an efficient, solutions-based approach to breach detection,” said Pinson-Roxburgh. “Security-as-a-Service providers can speed detection and response by drawing from huge pools of data and dedicating threat detection and analyst teams to assess potential incidents and recommend remediation.”
24×7 security monitoring coupled with market-leading security technology and innovation enables companies to detect more complex attacks, reducing the chances of a cyber criminal hacking a business’ IT infrastructure. Additionally, the ability to gain immediate knowledge of attacks during a breach can assist in an incident response plan and provide evidence to support audit and compliance.
“The age of hoping that breaches don’t happen is beyond us; the intent of these regulations and standards is to help companies improve security, reduce the time to detection and be proactive in identifying as well as protecting their sensitive data,” Pinson-Roxburgh concluded.
To find out more, please read our “Brexit Won’t Get UK Out of General Data Protection (GDPR) Compliance” blog, watch the “Assess Your GDPR Cloud Security Readiness” webinar, or download the “GDPR – Compliance in the EU” report.
About Alert Logic
Alert Logic, the leader in security and compliance solutions for the cloud, provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Fully managed by a team of experts, the Alert Logic Security-as-a-Service solution provides network, system and web application protection immediately, wherever your IT infrastructure resides. Alert Logic partners with the leading cloud platforms and hosting providers to protect over 4,000 organizations worldwide. Built for cloud scale, the Alert Logic patented platform stores petabytes of data, analyses over 400 million events and identifies over 50,000 security incidents each month, which are managed by its 24×7 Security Operations Centers. Alert Logic, founded in 2002, is headquartered in Houston, Texas, with offices in Austin, Seattle, Dallas, Cardiff, Belfast and London. For more information, please visit www.alertlogic.com.