2018 GDPR Compliance Report

By Alex MacLachlan May 3, 2018 compliance, data-breach, incident-response

D3 Security is a sponsor of the newly released 2018 GDPR Compliance Report. The report was produced by Cybersecurity Insiders, and comprises results from a survey of more than 500 IT, cybersecurity, and compliance professionals about how their organizations are readying themselves for GDPR, which takes effect in a matter of weeks.

We recommend that you read the report to get the complete picture. In this post, we’ll highlight a few of the key findings.

Readiness

Something we have heard over and over during the countdown to GDPR is that organizations are not ready to be compliant. The report confirms this claim, with 60% of respondents saying they have either not started the compliance process or are not confident of achieving compliance in time for the May 25, 2018, enforcement date. Some respondents speculated they would only need a few months to become compliant; alarmingly, 14% said it would take them more than four years.

Lack of Resources

If so many organizations are unprepared for GDPR, the question becomes: why? What is preventing organizations from making the necessary changes, when the potential consequences of non-compliance are so high? The study reveals some of the reasons. 43% of respondents said a lack of experts with critical skills was an important factor. 40% cited a lack of budget. Despite a wealth of literature emerging during the lengthy lead-up period, limited understanding of GDPR remains an issue. 25% said they have limited or no familiarity with the specifics of the regulation.

Impact on Security Teams

The mandate of GDPR is so broad that it will impact many groups within large organizations, including compliance, IT, and legal. D3’s primary domain is security—although we facilitate cross-departmental workflows—so we were interested to read how survey respondents expected GDPR to affect their security teams. 25% said their Information Security team would have primary ownership of GDPR compliance, second only to IT. 84% expect changes to their security practices and systems as a result of GDPR, with 28% of those expecting substantial change.

D3 Can Help

As we previously described in a solution guide, D3 can be an important part of any organization’s GDPR compliance plan. D3 supports the strict breach reporting timeline with tools to rapidly detect, assess, and remediate incidents. D3 also helps establish repeatable compliant processes for investigations, reporting, and secure cross-department workflows—just to name a few GDPR-relevant features.

Read the GDPR Compliance Report to get a complete sense of how companies are preparing (or not preparing) for GDPR.

Alex MacLachlan

Alex is the Director of Marketing at D3. He oversees D3's marketing, communications, and digital programs. He enjoys fishing, "checking the analytics", playing golf and watching hockey - in that order.

