Story image

GDPR is imminent but 69% of businesses can’t secure customer data

07 Mar 2018

​GDPR is looming over the heads of IT staff throughout Europe (and beyond) and yet data is still not being managed properly.

Claranet has released the findings from a survey that was carried out by Vanson Bourne of 750 IT decision makers in Europe – and surprise surprise, cybersecurity has emerged as a serious issue.

A whopping 69 percent of respondents stated that they were not able to secure customer data effectively, while 45 percent are encountering challenges around securing customer details when trying to improve the digital user experience.

Claranet says this points to a clear lack of a capability when it comes to managing security in a reliable manner.

On this topic, it appears that IT teams are struggling to acquire the skills and expertise needed to address this disparity. 44 percent identified security as one of the biggest challenges facing their organisation’s IT department (the most commonly cited challenge by a considerable margin), while 43 percent stated that improving security is one of the priorities for their IT departments over the next 12 months.

Claranet UK managing director Michael Robert says while a large number of organisations have said they will prioritise security over the next 12 months, GDPR is only a few months away – 25 May 2018 to be precise.

“There can be little doubt that data security is the most pressing issue facing businesses today and that sound security practices are the foundation on which businesses are built, but our research confirms this is an area that most businesses are failing in,” says Robert.

“The GDPR is on our doorstep, but it is clear that many organisations have their work cut out if they are to comply with the regulation. Thinking more broadly, the fact that almost seven in ten organisations can’t guarantee the security of their customer data is particularly concerning.”

Robert says part of the problem comes down to the fact that most internal IT teams simply don’t have the skills or time to keep up with the rapidly changing threat landscape as it’s not their core business.

“Our research has shown that organisations are very much aware of this problem, but also that they are still some way away from solving it,” says Robert.

“Businesses will need to stay alert to changes to legislation and the nature of prevailing threats, compliance and legislation as more and more data is stored and analysed, but security can slide down the list of priorities, jostling with ‘keeping the lights on’ maintenance activities and innovation.”

The findings also revealed there is to be some big money spent on cybersecurity in the coming years with European businesses set to ramp up their investments in IT security 37 percent over the next three years when compared to the last three.

While this is undoubtedly an encouraging sign that businesses are allocating more resources to security, money doesn’t fix everything and organisations still need to find a way of tackling these security concerns that is both quick and effective.

Robert says the focus on heavier investment in cybersecurity certainly bodes well for the future but more input is still required.

“It’s important to recognise that much still needs be done in terms of increasing cybersecurity capabilities at a pace rapid enough to ensure GDPR readiness and overall preparedness,” says Robert.

Businesses are aware of the challenges they face, but the current level of available expertise can hold back initiatives. By working with expert third parties, businesses can rapidly gain an extra layer of cybersecurity expertise and identify vulnerabilities and priorities for improvement, which is essential for organisations looking to grow their operations without compromising security.”

Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.