New data from Crowd Research Partners indicates only 40 per cent of UK organisations are either GDPR compliant or well on their way to compliance by the May 2018 deadline.
The report highlights the lack of GDPR expertise and an overall underestimation of the effort required to meet GDPR, which represents the most sweeping change in data privacy regulation in decades.
The key findings of the study include:
- A whopping 60% of organisations are at risk of missing the GDPR deadline. Only 7% of surveyed organizations say they are in full compliance with GDPR requirements today, and 33% state they are well on their way to compliance deadline.
- While 80% confirm GDPR is a top priority for their organization, only half say they are knowledgeable about the data privacy legislation or have deep expertise; an alarming 25% have no or only very limited knowledge of the law.
- The primary compliance challenges are lack of expert staff (43%), closely followed by lack of budget (40%), and a limited understanding of GDPR regulations (31%). A majority of 56% expect their organization’s data governance budget to increase to deal with GDPR challenges.
- Approximately a third of surveyed companies report that they will need to make substantial changes to data security practices and systems to be in compliance with GDPR. The highest ranked initiative for meeting EU GDPR compliance is to make an inventory of user data and map it to protected EU GDPR categories (71%), followed by evaluating, developing, and integrating solutions that enable GDPR compliance.
The 2018 GDPR Compliance Report has been based on a comprehensive online survey of IT, cybersecurity and compliance professionals in the 400,000-member Information Security Community on LinkedIn, and has been produced in partnership with Alert Logic, AlienVault, Cavirin, Data443, D3 Security, Haystax Technology, and Securonix.
To download a copy, click here.