General Data Protection Regulation

New Cybersecurity Industry Survey Exposes Widespread Concern About Upcoming GDPR

In a survey published this week by AlienVault, the leading provider of Unified Security Management and crowd sourced threat intelligence, it was revealed that there is widespread concern amongst the cybersecurity industry in the UK about GDPR. The survey was carried out at the recent Infosecurity Europe conference and had 900 respondents.

The survey revealed that nearly half of all respondents were more nervous about using cloud-based apps and fines and services in the face of large GDPR fines. More worryingly, 48% either don’t have, or aren’t sure if they have, data processing agreements set up with new cloud providers. This is integral to being compliant with the new General Data Protection Regulations and ensures that when processing data, cloud apps adhere to data protection requirements. Javvad Malik, security advocate at AlienVault said:

“Organisations with small and overstretched security teams, and limited budgets for cybersecurity, are likely to be extremely worried about the threat of GDPR fines. After all, the potential of having to pay up to 4% of global turnover could have a serious effect on a fledgling business potentially impacting earnings or funding opportunities. They could also lose customers through reputational damage and even have to consider making redundancies. Set against this backdrop, it’s easy to see why some might consider trying to cover up a data breach, rather than deal with the consequences. But this could lead to far greater problems for them in the long term.”

72 Hour Rule

50% of the respondents of the survey said that the 72 hour rule could do more harm to their business than good. Because of the large fines that can be levied under GDPR, people may be tempted to try and cover-up a data breach to avoid a large fine rather than reporting it in a less timely manner. A reason for this could be that 43% of respondents didn’t think that could identify and report a data breach within just 72 hours. Javvad Malik commented:

“Organisations with small and overstretched security teams, and limited budgets for cybersecurity, are likely to be extremely worried about the threat of GDPR fines. After all, the potential of having to pay up to 4% of global turnover could have a serious effect on a fledgling business potentially impacting earnings or funding opportunities. They could also lose customers through reputational damage and even have to consider making redundancies. Set against this backdrop, it’s easy to see why some might consider trying to cover up a data breach, rather than deal with the consequences. But this could lead to far greater problems for them in the long term.”

Add comment