Fewer than a fifth of enterprises have a notification plan in place for data breaches

No Comments

Keyboard with GDPR date

With the EU's GDPR legislation coming into force in a few months, and new and potentially tougher legislation on data breaches planned in the US, a new study reveals that many enterprises are under prepared.

The report from integrity assurance company Tripwire shows that less than a fifth (18 percent) say that they are fully prepared with a process in place to notify consumers in the event of a data breach. The majority (73 percent) say they are 'somewhat prepared' and would have to figure things out 'on the fly.'

In addition only 77 percent of companies subject to GDPR say they could meet the 72 hour notification window, with just 24 percent claiming they could notify customers of a data breach within 24 hours.

"When it comes to cybersecurity, it's short-sighted to figure things out on the fly," says Tim Erlin, vice president of product management and strategy at Tripwire. "The majority of data breaches and security incidents can be avoided by following basic security steps and implementing tried and tested foundational controls. With GDPR coming into effect this year, running a business without a fully baked plan is really asking for trouble."

Among other findings are that most respondents don't feel they are fully prepared for any aspect of a security breach. Only 18 percent feel they are fully prepared with a cross functional team in place to work across IT, finance and communications. Nearly three quarters (73 percent) are not fully prepared to protect customers and only a fifth (22 percent) feel prepared to absorb potential financial penalties as a result of a security breach.

"There are plenty of tried and tested frameworks available from governing bodies in the cyber security space that can help organizations who feel like they're struggling to prepare for a security incident and more specifically, GDPR," adds Erlin. "If you are an organization subject to GDPR -- and as the rules apply to all companies worldwide that process personal data of European Union (EU) data subjects, that will be the majority of global businesses -- you are not alone. Start researching for resources that cater to your needs now to help you prepare, so that you aren't hit with a big fine come May 2018."

You can find out more about the survey results on the Tripwire blog.

Image credit: Pe3check/depositphotos.com

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

How AI will shape the future of the legal industry

Start menu ads are rolling out to all Windows 11 users -- here's how to turn them off

Qualcomm introduces Snapdragon X Plus for Windows PCs

Free test lets you check how websites measure up to privacy rules

Audacity 3.5 adds cloud project saving for collaboration, backup and file versioning

Get 'Principles of Data Science -- Third Edition' (worth $39.99) for FREE

CISOs worry about gen AI leading to security breaches

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

62 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

20 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

17 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

16 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

12 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.