Most Companies Not Prepared for GDPR Data Privacy Compliance Deadline

184

Download the full 2018 GDPR COMPLIANCE REPORT here.

Crowd Research Partners today released the 2018 GDPR COMPLIANCE REPORT revealing that the majority of surveyed organizations is likely to miss the May 25th, 2018 compliance deadline for the European Union General Data Protection Regulation (GDPR).

“The survey reveals that only 40 percent of organizations confirm they are either GDPR compliant or well on their way to compliance by the May 2018 deadline,” said Holger Schulze, CEO of Cybersecurity Insiders and founder of the 400,000-member Information Security Community on LinkedIn, which commissioned the study to identify organizations’ readiness for the new data privacy regulation, and how they plan to become compliant. “What is striking is the lack of GDPR expertise and an overall underestimation of the effort required to meet GDPR, which represents the most sweeping change in data privacy regulation in decades.”

The key findings of the study include:

  • A whopping 60% of organizations are at risk of missing the GDPR deadline. Only 7% of surveyed organizations say they are in full compliance with GDPR requirements today, and 33% state they are well on their way to compliance deadline.
  • While 80% confirm GDPR is a top priority for their organization, only half say they are knowledgeable about the data privacy legislation or have deep expertise; an alarming 25% have no or only very limited knowledge of the law.
  • The primary compliance challenges are lack of expert staff (43%), closely followed by lack of budget (40%), and a limited understanding of GDPR regulations (31%). A majority of 56% expect their organization’s data governance budget to increase to deal with GDPR challenges.
  • Approximately a third of surveyed companies report that they will need to make substantial changes to data security practices and systems to be in compliance with GDPR. The highest ranked initiative for meeting EU GDPR compliance is to make an inventory of user data and map it to protected EU GDPR categories (71%), followed by evaluating, developing, and integrating solutions that enable GDPR compliance.

Based on a comprehensive online survey of IT, cybersecurity and compliance professionals in the 400,000-member Information Security Community on LinkedIn, the 2018 GDPR COMPLIANCE REPORT has been produced in partnership with Alert Logic, AlienVault, Cavirin, Data443, D3 Security, Haystax Technology, and Securonix.

Download the full report.