Story image

GDPR is imminent but 69% of businesses can’t secure customer data

07 Mar 18

​GDPR is looming over the heads of IT staff throughout Europe (and beyond) and yet data is still not being managed properly.

Claranet has released the findings from a survey that was carried out by Vanson Bourne of 750 IT decision makers in Europe – and surprise surprise, cybersecurity has emerged as a serious issue.

A whopping 69 percent of respondents stated that they were not able to secure customer data effectively, while 45 percent are encountering challenges around securing customer details when trying to improve the digital user experience.

Claranet says this points to a clear lack of a capability when it comes to managing security in a reliable manner.

On this topic, it appears that IT teams are struggling to acquire the skills and expertise needed to address this disparity. 44 percent identified security as one of the biggest challenges facing their organisation’s IT department (the most commonly cited challenge by a considerable margin), while 43 percent stated that improving security is one of the priorities for their IT departments over the next 12 months.

Claranet UK managing director Michael Robert says while a large number of organisations have said they will prioritise security over the next 12 months, GDPR is only a few months away – 25 May 2018 to be precise.

“There can be little doubt that data security is the most pressing issue facing businesses today and that sound security practices are the foundation on which businesses are built, but our research confirms this is an area that most businesses are failing in,” says Robert.

“The GDPR is on our doorstep, but it is clear that many organisations have their work cut out if they are to comply with the regulation. Thinking more broadly, the fact that almost seven in ten organisations can’t guarantee the security of their customer data is particularly concerning.”

Robert says part of the problem comes down to the fact that most internal IT teams simply don’t have the skills or time to keep up with the rapidly changing threat landscape as it’s not their core business.

“Our research has shown that organisations are very much aware of this problem, but also that they are still some way away from solving it,” says Robert.

“Businesses will need to stay alert to changes to legislation and the nature of prevailing threats, compliance and legislation as more and more data is stored and analysed, but security can slide down the list of priorities, jostling with ‘keeping the lights on’ maintenance activities and innovation.”

The findings also revealed there is to be some big money spent on cybersecurity in the coming years with European businesses set to ramp up their investments in IT security 37 percent over the next three years when compared to the last three.

While this is undoubtedly an encouraging sign that businesses are allocating more resources to security, money doesn’t fix everything and organisations still need to find a way of tackling these security concerns that is both quick and effective.

Robert says the focus on heavier investment in cybersecurity certainly bodes well for the future but more input is still required.

“It’s important to recognise that much still needs be done in terms of increasing cybersecurity capabilities at a pace rapid enough to ensure GDPR readiness and overall preparedness,” says Robert.

Businesses are aware of the challenges they face, but the current level of available expertise can hold back initiatives. By working with expert third parties, businesses can rapidly gain an extra layer of cybersecurity expertise and identify vulnerabilities and priorities for improvement, which is essential for organisations looking to grow their operations without compromising security.”

McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Forcepoint and Chillisoft - “a powerful combination”
Following Chillisoft’s portfolio expansion by signing on Forcepoint, the companies’ execs explain how this is a match made in cybersecurity heaven.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.