C-Suite: GDPR Could Lead to Greater Risk of Breaches


Almost a quarter of UK and German businesses (23%) believe the GDPR may have resulted in a greater risk of data breaches, six months after the legislation was introduced.

The findings come from a new survey by Thales eSecurity which polled 1000 combined UK and German business executives and 2000 consumers to better understand attitudes to the sweeping data protection legislation.

“I think there are three main reasons businesses might feel more vulnerable as a result of the regulation. The first is that due to the complexity of the GDPR, organizations lack a solid understanding of how to confidentially protect all data appropriately,” solutions marketing manager, Jim DeLorenzo, told Infosecurity.

In fact, nearly a third (30%) of the CEOs, CIOs and CISOs interviewed felt that the introduction of the GDPR had led to increased complexity, with 40% of UK firms forced to seek guidance from the ICO in the first six months.

“Secondly, organizations may find that GDPR creates an internal distraction that draws resources away from other security activities, potentially resulting in an area of exposure,” he continued. “And finally, they may even think hackers will be more inclined to target businesses, due to the severe penalties faced by organizations who become victims of attacks.”

Trend Micro has warned in the past about the potential for hackers to target businesses concerned of the financial implications of reporting a major attack. Back in February it claimed that attackers could look to steal data and threaten to go public unless they receive a pay-out, calculated to be less than the approximate GDPR penalty.

However, with businesses still waiting to see how strictly regulators enforce the legislation, it’s unclear what these penalties would be. German chat app Knuddels became the country’s first business to be handed a fine this week.

Thales eSecurity also found rising consumer expectations about how personal data is managed.

The vast majority (86%) of respondents said they would consider switching from a company to a rival if it suffered a breach, with 69% claiming they’d also consider starting legal action against a firm found to have broken the GDPR.

The legislation has also changed the way companies interact with third-parties: 14% said it had created a negative impact on its international partnerships while 38% admitted being forced to completely change their security policies for contractors and vendors.

Products You May Like

Articles You May Like

Identifying common Microsoft 365 security misconfigurations
Bomb Threat Hacker Gets 8-Year Prison Sentence
NCSC Helping Man United Recover from Cyber-Attack
S3 Ep9: Gift card hacks, dubious doorbells and Wi-Fi tips [Podcast]
Cyberattackers could trick scientists into producing dangerous substances

Leave a Reply

Your email address will not be published. Required fields are marked *