Trend Micro Research Reveals C-level Executives Are Not Prepared for GDPR Implementation
42 percent of businesses don't know email marketing databases contain PII
22 percent of businesses claim a fine 'wouldn't bother them' if found in violation
With the General Data Protection Regulation (GDPR) taking effect May 25, 2Trend Micro Incorporated18, businesses around the globe should be preparing accordingly. However, through a recent survey, Trend Micro Incorporated (TYO: 47Trend Micro Incorporated4; TSE: 47Trend Micro Incorporated4), a global leader in cybersecurity solutions, found that C-suite executives are not approaching the regulation with the seriousness required, resulting in overconfidence when it comes to compliance.
GDPR Awareness
The company's research reveals a robust awareness of the principles behind GDPR, with a strong 95 percent of business leaders knowing they need to comply with the regulation, and 85 percent having reviewed its requirements. In addition, 79 percent of businesses are confident that their data is as secure as it can possibly be.
Despite this perceived awareness, there is some confusion as to exactly what Personally Identifiable Information (PII) needs to be protected. Of those surveyed, 64 percent were unaware that a customer's date of birth constitutes as PII. Additionally, 42 percent wouldn't classify email marketing databases as PII, 32 percent don't consider physical addresses and 21 percent don't see a customer's email address as PII, either. These results indicate that businesses are not as prepared or secure, as they believe themselves to be. Regardless, this data provides hackers with all they need to commit identity theft, and any business not properly protecting this information is at risk of a penalty fine.
The Cost of Not Being Compliant
According to the survey, a staggering 66 percent of respondents appear to be dismissive of the amount they could be fined without the required security protections in place. Only 33 percent recognize that up to four percent of their annual turnover could be sacrificed. Additionally, 66 percent of businesses believe reputation and brand equity damage is the biggest pitfall in the event of a breach, with 46 percent of respondents claiming this would have the largest affect amongst existing customers. These attitudes are especially alarming considering businesses could be shut down in the event of a breach.
"Investing in state of the art equipment and employing data protection policies should be seen as a wise business practice, not an operational burden," said Rik Ferguson, vice president of security research for Trend Micro. "As a strategic security partner, we see it as our shared responsibility to help customers meet GDPR data security compliance."
Responsible Parties
Trend Micro also learned that businesses are uncertain as to who is held accountable for the loss of EU data by a U.S. service provider. Only 14 percent could correctly identify that the loss of data is the responsibility of both parties – 51 percent believing the fine goes to the EU data owner, while 24 percent think the US service provider is at fault.
In addition, it turns out businesses aren't sure who should take ownership of ensuring compliance with the regulation, either. Of those surveyed, 31 percent believe the CEO is responsible for leading GDPR compliance, whereas 27 percent think the CISO and their security team should take the lead. However, only 21 percent of those businesses actually have a senior executive involved in the GDPR process. Meanwhile, 65 percent have the IT department taking the lead, while only 22 percent have a board level or management member involved.
The Technology Required
With threats growing in sophistication, businesses often lack the expertise to combat them, and layered data protection technology is required. GDPR mandates that businesses must implement state-of-the-art technologies relative to the risks faced. Despite this, only 34 percent of businesses have implemented advanced capabilities to identify intruders, 33 percent have invested in data leak prevention technology and 31 percent have employed encryption technologies.
Trend Micro's commitment to GDPR compliance begins with its cross-generational XGen security, which protects personal data throughout enterprises. Its solution is optimized for all environments where data may be stored, whether that's physically, virtually, on the cloud, or in containers. XGen is a strategy and platform spanning across all Trend Micro solutions, connected to alert and reporting data breaches as they happen. This approach provides businesses with the state-of-the-art tools mandated by GDPR.
The Research
For more information about Trend Micro's findings on the pulse of business leaders regarding GDPR, check out the infographic and supplemental blog post. In partnership with Opinium, Trend Micro conducted its survey between May 22 and June 28, 2Trend Micro Incorporated17. The preceding results are gleaned from 1,132 online interviews with IT decision makers from businesses with 5Trend Micro IncorporatedTrend Micro Incorporated+ employees in 11 countries, including United States of America (USA), United Kingdom (UK), France, Italy, Spain, Netherlands, Germany, Poland, Sweden, Austria and Switzerland. Respondents of the survey hold either senior executive, senior management or middle management positions in multiple industries including retail, financial services, public sector, media and construction.
ข่าวTrend Micro Incorporated+Trend Microวันนี้
Trend Micro Successfully Concluded Risk to Resilience World Tour in Singapore, Manila and Ho Chi Minh City, Bringing Attack Surface Risk Management to Reality
Cybersecurity leader reaches out to most geographically diverse customer base in the industry to build resilience against cyber threats Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, brings its Risk to Resilience world tour to cities across Southeast Asia, to unveil new perspectives and key approaches for organisations to achieve long-term cyber resilience with a proactive risk-based approach to cybersecurity. The tour has completed stops in Singapore, the
"เทรนด์ไมโคร" เปิดตัวนวัตกรรมใหม่เพื่อการรักษาความปลอดภัยบนคลาวด์
การติดตั้งใช้งานเพียงครั้งเดียวที่สามารถเพิ่มการมองเห็นและการป้องกันสำหรับบัญชี AWS ภายในเวลาไม่กี่นาที เทรนด์ไมโคร อินคอร์ปอเรเต็ด (Trend Micro Incorporated) (TYO: 4704; TSE: 4704) ผู้นำด้านการรักษาความปลอดภัยทางไซเบอร์ระดับโลก ประกาศ...Cloud Security Usability to Skyrocket with New Trend Micro Innovation
Single deployment adds visibility and guided protection for AWS accounts in minutes Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced a new protection deployment model, Trend Micro...
เทรนด์ไมโคร เปิดวิสัยทัศน์ชี้ภาพรวมภัยคุกคามครึ่งปีหลัง พร้อมเปิดตัว Vision One แพลตฟอร์มขั้นสุด สร้างเกราะป้องกันภัยคุกคามไซเบอร์เชิงรุก
—
เทรนด์ไมโคร (T...
เทรนด์ไมโคร เตือนภัย Nefilim แรนซัมแวร์เก่งรีดไถ เป้าหมายโจมตีเหยื่อองค์กรระดับหมื่นล้าน
—
Trend Micro Incorporated ผู้นำด้านการรักษาความปลอดภัยไซเบอร์ เป...
Trend Micro Extends Container Security Solution to Work at the Speed of DevOps
—
Deep Security(TM) Smart Check identifies security issues prior to deploym...
Trend Micro Delivers Industry’s Fastest Network Inspection in the Smallest Form Factor With Release of TippingPoint TX Series
—
NSS Labs gives new Trend M...
Trend Micro and Europol Partner to Arm Financial Industry with ATM Malware Protection Joint report presents physical and network-based malware affecting ATMs
Trend Micro Reveals Top Ten Regions Affected by IoT Security Threats Smart Home Devices such as routers are vulnerable to cybercriminals