sb-nz logo
Story image

98% of firms still not quite sure about GDPR specifics

06 Oct 2017

The European Union’s upcoming GDPR regulations are causing many businesses to migrate their data to a new location as a result of the changing requirements for data protection, according to new findings from McAfee.

Out of 800 senior business decision-makers in eight countries (Australia, Singapore, Japan, Brazil, France, Germany, the UK and the US), 53% do not know where their data is located at all time.

Despite not knowing where their data lies, 48% are considering data migration as a result of regulations or changing government policies.

The EU’s GDPR comes into effect in May 2018 and will cast firmer laws for the personal data protection of more than 500 million people in the region.

70% of respondents believe that GDPR will crown Europe a world leader in data protection, although the United States remains the most popular data storage location.

McAfee chief scientist Raj Samani says that data protection is critical as it is one of the world’s most valuable assets.

“The good news is that businesses are finding that stricter data protection regulations benefit both consumers and their bottom line. However, many have short-term barriers to overcome to become compliant, for example, to reduce the time it takes to report a breach.”

On average, organisations take 11 days to report a breach, according to the report, and 63% believes there is a stigma attached to reporting breaches.

Some benefits for businesses include gaining new customers, according to 74% of respondents. 83% also take public sentiment towards data privacy into account when making data residency decisions.

However, political events and turmoil such as US policies and Brexit can also impact respondents’ technology acquisitions, with 51% saying they are being held back by external data protection regulations.

However, only 2% of respondents ‘really understand’ the laws that apply to their specific organisations, right down to all clause levels. 54% believe their organisation has a ‘complete understanding’ of those regulations.

Such wavering statistics shows that there are conflicting beliefs about data protection regulations, McAfee says.

Only 26% of respondents believe their organisation will be able to meet the GDPR’s 72-hour breach report deadline.

Most respondents wish to store data in countries with stringent data protection policies. While they may not like compliance laws, they do benefit customers and an organisation’s bottom line.

“Moving forward, increased awareness and understanding about a company’s data assets will lead to better usage and protection,” McAfee concludes.

Story image
Cybersecurity budgets still not keeping up with threats — report
Executive teams are failing to recognise the level of damage cyber-threats pose to organisations, according to Sophos — many of them taking a ‘conservative approach’ to cybersecurity expenditure.More
Story image
Case study: How Pattern helped SimTutor secure online education
SimTutor provides a software-as-a-service (SaaS) solution designed for online healthcare education and e-learning content creators.More
Story image
Pandemic sees organisations of all sizes and industries invest in CTI
There is opportunity for organisations to better manage their cyber-threat intelligence for greater security and threat intelligence effectiveness by adopting the right tools and processes.More
Story image
Video: 10 Minute IT Jams - Radware VP on the challenges of cloud security
In this interview, Techday speaks to Radware vice president of technologies Yaniv Hoffman, who discusses the primary challenges facing IT organisations in terms of their cloud security apparatus.More
Story image
Imperva unveils new data security platform built for cloud
"The cloud has revolutionised IT, offering organisations a strategic opportunity to rapidly pursue new market initiatives and adapt their operations in the face of new business challenges."More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More