More than a year since the compliance deadline for the European Union’s General Data Protection Regulation (GDPR), and as regulators begin to announce the first significant fines for GDPR infringements, 30% of European firms polled are not confident their business is compliant.
Only 57% of respondents were confident their businesses comply with GDPR rules, while a further 13% were unsure, according to a survey conducted by the European Business Awards on behalf of audit, tax and consulting firm RSM.
A separate survey by data virtualisation platform Delphix found that some companies in the UK were leading their CEO to believe they are compliant with GDPR, when in fact they have significant amounts of unprotected personal data in test environments.
This was revealed when Delphix spoke to 50 custodians of data to hear what they had to say about the challenge of balancing access to data with data security.
A key finding that emerged was that many businesses were either unaware or unperturbed by the non-compliance of data used to test systems under development.
Perhaps even more shocking was a chief information security officer (CISO) admitting to telling their CEO that the company was GDPR compliant, despite having terabytes of unprotected personal data in non-production.
Delphix’s chief technology officer (CTO), Eric Shrock, said it was clear that the vast majority of top-level executives were unaware of how easily accessible their highly sensitive data was.
“Pair that with growing frustration among developers looking to acquire data quickly and we have the perfect recipe for disaster,” he said.
Support the originator by clicking the read the rest link below.
