UK businesses: More than half still unaware of GDPR

(Image credit: Shutterstock/Wright Studio)

Although the media has dulled its teeth and worn out its keyboards reporting on the General Data Protection Regulation (GDPR), fewer than half (47 per cent) of businesses in the UK are aware of it. What’s more, just four in ten (40 per cent) are fully aware of the NIS Directive.

Both documents will be coming into effect in 2018, and will significantly change how we do business online. 

A new report on the issue also says that just a third (33 per cent) of businesses are ready to meet both regulations. The report was created and published by LogRhythm, Gigamon, and Forescout Technologies. It is based on a survey of 2,000 IT professionals, and also says that 54 per cent worry about the effects Brexit will have on cyber-security regulations.

Almost half (44 per cent) know their company suffered a data breach. More than two-thirds (68 per cent) have lost sensitive data in the process. Eight in ten (80 per cent) think their confidential data may be vulnerable to attack. 

A vast majority (96 per cent) think visibility into their network is important, but three quarters (74 per cent) say they need to improve their detection, prevention and response capabilities.

“There’s clearly a long way to go when it comes to educating businesses on how to remain compliant as we approach the deadline for EU GDPR compliance,” said Ross Brewer, VP and MD EMEA at LogRhythm. “While these results indicate that businesses are concerned about how they can protect their data, it doesn’t appear to be translating into practice. Hackers are persistent and creative, and unfortunately more often than not they are able to get in, which can lead to substantial reputational damage – just look at the TalkTalk and Yahoo data breaches. Combine this with stricter rules and harsher punishments for lax security and the impact of a successful breach is even more serious. Having the ability to detect an attack as soon as it happens will be key to staying compliant with the new regulations and this can only be achieved by having full insight into networks. With fines of up to four percent of their global turnover at stake, businesses simply cannot afford to take the ‘wait and see’ approach.”
