The upcoming implementation of the Global Data Protection Regulation (GDPR) in May 2018 has many security experts on edge. However, they should really view the regulation as a great opportunity. For the first time, there is clarity – albeit not without some murky details – on where the future of cybersecurity is headed. But it appears that many security experts are reacting out of fear and making changes simply to “check-the-box,” rather than taking the time to assess the regulations and understand the steps their organization needs to take to fully comply.
To better understand U.S. companies’ overall awareness of, and preparedness to, address these new regulations, Experian Data Breach Resolution partnered with the Ponemon Institute to survey more than 500 individuals in IT security and compliance. The report, “Data Protection Risks & Regulation in the Global Economy,” found that despite having more than a year to prepare, only nine percent of organizations are actually ready to comply. In addition to this overwhelming lack of preparedness, the report also showed that companies are failing to take necessary steps – including fully understanding the regulation, properly engaging their senior leaders and investing in the right technology. These missteps, coupled with a quickly closing timeframe, are leaving many companies unprepared for the era of the GDPR.