Crowd Research Partners released the new EU GDPR Report on identifying the impact of the new regulations on organizations and how they plan to be compliant. The study, sponsored by STEALTHbits Technologies, is based on input from over 500 global cybersecurity professionals who are members of the 370,000 member Information Security Community on Linkedin.
This survey reveals that while over 90% of the respondents indicated familiarity with the EU GDPR regulations, less than a third feel that they are compliant or well on their way to compliance. What is striking in this study is the marked contrast in level of preparedness and awareness between companies headquartered in the US and the European Union.
The key findings of the study include:
- While an overwhelming majority of surveyed organizations (approaching 90%) are familiar with the EU GDPR regulations, only about a third (32%) state that they are compliant or well on the way to compliance.
- Approximately 30% of surveyed companies report that they will need to make substantial changes to security practices and technology to be in compliance with EU GDPR policies.
- The primary challenges in becoming compliant with EU GDPR policies are lack of budget (32%), limited understanding of the regulations (29%), and lack of expert staff with critical skills (28%).
- The most important initiative in meeting EU GDPR compliance is to make an inventory of user data and map it to protected EU GDPR categories (49%), with the next most significant initiative to design applications and databases to have privacy enabled by default (31%).
- A substantial majority (65%) of organizations where EU GDPR compliance is a top priority already have or plan to have a Data Protection Officer (either in-house or outsourced).