A recent Imperva survey of 310 IT security professionals found that 55 percent of respondents are counting on artificial intelligence (AI) or machine learning solutions to bear some of their data protection workload over the next three to five years, and 27 percent said they’re expecting the same within the next year or two.
The survey also found that 22 percent of respondents haven’t yet hired a Data Protection Officer (DPO), a key requirement of the European General Data Protection Regulation (GDPR) for any organization processing personal data on a large scale.
Read our guide to GDPR solutions and vendors to help get your company ready for GDPR.
Of those that haven’t hired a DPO, 52 percent aren’t planning to hire one until the second half of 2018 or later. The GDPR takes effect on May 25, 2018.
When asked whether their company is preparing for GDPR, 16 percent said no, and 5 percent didn’t know.
“A crucial takeaway from this survey is that companies need to be engaging with GDPR compliance now,” Imperva CTO Terry Ray said in a statement.
“GDPR will rear its head in ways that nobody predicted, so engaging early and being ready for every possibility is absolutely crucial,” Ray added.
Six Percent Ready
Separately, a recent UK government survey of 105 companies in the FTSE 350 found that while 97 percent of respondents are aware of GDPR, just 6 percent said they’re fully prepared to meet the requirements.
Just 13 percent of respondents said GDPR is regularly considered by their board, and 45 percent of boards said they’re most concerned about meeting GDPR requirements relating to an individual’s right to personal data deletion.
And a recent NTT Security survey of 1,350 non-IT executives in 11 countries found that just 40 percent of respondents believe their organization will be subject to the GDPR, and 19 percent don’t know which compliance regulations they’re subject to.
Even in the U.K., just 39 percent of respondents identify GDPR as a compliance issue.
Just 47 percent of respondents say all of their critical data is stored securely, and 33 percent don’t know where their organization’s data is stored.
“While the GDPR is a European data protection initiative, the impact will be felt right across the world for anyone who collects or retains personally identifiable data from any individual in Europe,” NTT Security SVP Garry Sidaway said in a statement.
“Our report clearly indicates that a significant number do not yet have it on their radar or are ignoring it,” Sidaway added. “Unfortunately, many organizations see compliance as a costly exercise that delivers little or no value, however, without it, they could find themselves losing business as a result, or paying large regulatory fines.”