More than half of businesses in the UK have admitted that they know either nothing, or very little, of the financial consequences of not complying with GDPR. This is according to the latest report by Sophos, based on a poll of 625 IT decision makers in four countries.
The UK, Sophos says, is ‘far behind’ France and Benelux when it comes to being ready for GDPR.
Every fifth business in the countries where the poll was conducted (UK, France, Belgium, Luxemburg) said they could close if they were fined. More than a third predict there would be redundancies.
France is leading the charge, with 30 per cent of their businesses seeing GDPR as the number one priority. Benelux is second with 25 per cent. In the UK – just six per cent have prioritised GDPR.
A quarter (26 per cent) said Brexit has only made things more difficult, as well. In France and Benelux, 66 per cent of businesses are also more concerned about data security because of Brexit.
“Getting ready for GDPR is a long process. If regulators demonstrate that they are prepared to impose the maximum fines in May 2018, then businesses will seriously regret not being prepared,” said John Shaw, vice president of product management for the Enduser group at Sophos.
“With less than a year to go, 55 per cent of businesses are not confident that they will be able to comply by the deadline and are understandably distracted by for the need to demonstrate GDPR compliance. However, with data breaches occurring on an almost daily basis across Europe, I would argue that the top priority should actually be to reduce the risk of the data breaches. Reducing that risk doesn’t need to be complicated – concentrate on stopping the biggest causes of data breaches by making sure the basics are in place: keep all operating systems and software up to date, implement encryption for sensitive data, and educate all employees about the risk of phishing and other social engineering attacks.”
Image Credit: Pitney Bowes Software