How prepared are global organisations 100 days before the deadline for EU GDPR compliance on 25th May 2018?
Findings from over 1,000 companies, launched on data exfiltration day (X-Day), have shown that businesses have never been so close to being fully compliant to new data regulations, and for the first time, organisations identify the positive benefits of compliance.
The majority of businesses globally are prepared for GDPR
Over two-thirds of global businesses at 72% are confident they will have all required GDPR compliance processes in place by 25th May 2018. North America is the most confident region in world, with American and Canadian organisations saying they will be prepared at 84% and 75% respectively.
>See also: Achieving GDPR compliance with 100 days to go
Despite the on-going Brexit negotiations and uncertainty looming over the enforcement and effectiveness of the EU GDPR regulation on local businesses, the UK is the most confident nation in Europe, with 74% saying they will be ready by deadline day.
In comparison, Spanish businesses are a close second to the UK at 73%, dropping to 66% of French respondents. German organisations are the least confident in Europe at 61%.
Increased customer trust and loyalty towards businesses will be the main GDPR impact
Businesses worldwide believe there will be a variety of benefits they will gain from being GDPR compliant. Nearly half of all organisations surveyed, at 46%, say the most important benefit from being GDPR compliant is gaining customer trust to handle sensitive data. 31% of businesses believe the most important value from compliance is enhanced brand awareness. 18% of respondents felt GDPR compliance will increase customer loyalty is the most important benefit.
>See also: Why the cyber threat landscape could grow under GDPR
APAC, North America and Europe businesses believe the biggest positive impact from compliance is increased trust in handling customer data at 53%, 46% and 41% respectively.
European organisations lead the study in saying increased customer loyalty is the biggest impact at 22%, with North America and APAC following respectively at 15%, 14%.
Businesses investing as much as $5 million on compliance with Europe leading the way
On average, global organisations have so far spent $1,583,000 (£1,145,000) on GDPR compliance.
Globally, European businesses have spent the most on average on compliance with Germany leading at $1,969,000 (£1,424,000), followed by the UK with $1,798,000 (£1,300,000) with France completing the top three at $1,781,000 (£1,288,000).
>See also: How prepared are enterprises for the impending GDPR?
USA and Singapore tops regional spending in North America and APAC, investing $1,568,000 (£1,134,000) and $1,521,000 (£1,100,000) respectively on average.
Small and Medium Business have spent on average $1,263,000 (£893,000) so far on compliance, whereas large businesses have spent up to $5 (£3.5) million on compliance.
Businesses finally open their eyes to prioritise investment in DNS analysis over legacy firewall technology
A key element in EU GDPR is for businesses to provide adequate data protection. In response to this regulatory requirement, 38% of global organisations are convinced that better monitoring and analysis of DNS traffic is the best option to provide data protection in their networks, whilst 35% think securing network endpoints is best and only 21% choose to add more firewalls. This shows organisations are finally realising, after the various successful data breaches over the last year, that firewall technology is no longer adequate.
>See also: The governance, risk and compliance landscape is changing
APAC, North America and European organisations are confident in DNS monitoring and analysis technology at 40%, 37% and 36% respectively.
Commenting on the study figures, Herve Dhelin, SVP Strategy at EfficientIP said: “As organisations enter the final straight of GDPR compliance with 100 days to go, our research shows they have never been so close to regulatory compliance. There is still some work to do, but it is encouraging to see nearly three-quarters of businesses are ready and most organisations see monitoring and analysis of DNS traffic, not firewalls nor endpoints, is the best way of preventing data breaches.”