Jul 11, 2017 General Comments Off on Less than half of global executives believe GDPR compliance is relevant to their business, while a fifth admit they don’t know – NTT Security Risk:Value report shows
LONDON, July 11, 2017 (GLOBE NEWSWIRE) — Many global business decision makers are unaware of the implications of the forthcoming General Data Protection Regulation (GDPR), as well as other compliance regulations like PCI-DSS and ISO27001/2, with one in five admitting they do not know which regulations their organization is subject to. This is according to the 2017 Risk:Value report, commissioned by NTT Security, the specialized security company of NTT Group, which looks at attitudes to risk and the value of information security to the business.
The survey of 1,350 non-IT executives across 11 countries, reveals that just four in ten (40%) respondents globally believe their organization will be subject to the EU GDPR. Perhaps of most concern is the one in five (19%) who admit they don’t know which compliance regulations they are subject to. In the UK, just 39% of respondents currently identify GDPR as a compliance issue, and 20% admit they don’t know, while those outside of Europe are even less aware. Just a quarter of business decision makers in the US, 26% in Australia, and 29% in Hong Kong believe they are subject to the GDPR, despite the fact it will apply to any business holding or collecting data on European citizens.
Coming into force on 25 May 2018, the legislation leaves companies with less than a year to comply with strict new regulations around data privacy and security and could result in penalties of up to €20 million or 4% of global annual turnover, whichever is higher
With data management and storage a key component of the GDPR, the Risk:Value report also reveals that a third of respondents do not know where their organization’s data is stored, while just 47% say all of their critical data is securely stored. Of those that know where their data is, fewer than half (45%) describe themselves as ‘definitely aware’ of how new regulations will affect their organization’s data storage. Those in Financial Services & Banking and Computer Services & Technology are most likely to know where their data is stored and which compliance regulations they are subject to.
“In an uncertain world, there is one thing organizations can be sure of and that’s the need to mark the date of 25 May 2018 in their calendars,“ according to Garry Sidaway, SVP Security Strategy & Alliances at NTT Security. “While the GDPR is a European data protection initiative, the impact will be felt right across the world for anyone who collects or retains personally identifiable data from any individual in Europe. Our report clearly indicates that a significant number do not yet have it on their radar or are ignoring it. Unfortunately many organizations see compliance as a costly exercise that delivers little or no value, however, without it, they could find themselves losing business as a result, or paying large regulatory fines.“
Quantifying the threat – reputation, revenue and resignations
The need to drive a culture of security
Download the 2017 Risk:Value report: www.nttsecurity.com/
For additional Risk:Value resources: https://www.nttcomsecurity.
Notes for editors:
Commissioned by NTT Security, the 2017 Risk:Value research was conducted by Vanson Bourne in March to May 2017. 1,350 non-IT business decision makers (35% at C-level) were surveyed in the US, UK, Germany and Austria, Switzerland, France, Sweden, Norway, Hong Kong, Australia and Singapore. Organizations had more than 500 employees and were selected across a number of core industry sectors. Approximately a third of responses came from the financial services sector.
About Vanson Bourne
Vanson Bourne is an independent specialist in market research for the technology sector. Our reputation for robust and credible research-based analysis, is founded upon rigorous research principles and our ability to seek the opinions of senior decision makers across technical and business functions, in all business sectors and all major markets. For more information, visit www.vansonbourne.com.
About NTT Security
NTT Security is the specialized security company of NTT Group. With embedded security we enable Group companies (Dimension Data, NTT Communications and NTT DATA) to deliver resilient business solutions for clients’ digital transformation needs. NTT Security has 10 SOCs, seven R&D centers, over 1,500 security experts and handles hundreds of thousands of security incidents annually across six continents.
NTT Security ensures that resources are used effectively by delivering the right mix of consulting and managed services for NTT Group companies – making best use of local resources and leveraging our global capabilities. NTT Security is part of the NTT Group (Nippon Telegraph and Telephone Corporation), one of the largest ICT companies in the world. Visit nttsecurity.com to learn more.
For further information, contact Press Office, t. firstname.lastname@example.org or visit www.nttsecurity.com.