EU GDPR leaving 87 per cent of CIOs exposed

Egress Software Technologies announced today its findings of a CIO survey, which has highlighted a lack of confidence in IT systems designed to protect sensitive data when shared with third parties in compliance with EU Regulations.

In fact, the survey revealed that the majority of respondents, which amounted to 87 per cent, admitted concerns that their current information security policies and their procedures are not sufficient to comply with EU Regulations.

Furthermore, the current EU Regulations means some information security policies and practices are not only insufficient, they are putting their company at risk. Additionally the policies will also leave businesses exposed under the new EU General Data Protection Regulation (GDPR).

The survey also showed that over three-quarters of CIOs (77 per cent) are getting frustrated that despite advanced technology – such as encryption – being available to enable secure ways of working is lacking. Subsequently, employees are just not using the tools that IT are making available to them, which is creating even more risk for the business.

Other key findings include:

  • 87 per cent of CIOs are concerned their organisation might be exposed under the new EU regulation
  • 73.5 per cent are committing to tightening up data sharing processes in response
  • Only 20 per cent are focusing on accidental breach, despite research showing it is responsible for 93 per cent of incidents
  • 83 per cent admitted they would prioritise technologies based on perceived ease of deployment, rather than their ability to secure data
  • 77 per cent are frustrated that users choose not to use the data security tools made available to them
  • 87 per cent of these acknowledged this made their company more vulnerable

Egress CEO, Tony Pepper, commented: “This research is definitely a wakeup call for businesses’ priorities. Information security vendors are able to offer solutions that, for example, make email encryption as easy to use as standard mail by deploying it centrally across the enterprise and seamlessly integrating via ADFS, SAML2 or other protocols.

"The focus is now very much on delivering information security, but not at the expense of staff efficiency."

Image source: Shutterstock/Maksim Kabakou