Majority of UK boards neglecting GDPR while retail suffers breaches
Majority of UK boards neglecting GDPR while retail suffers breaches

Sixty-nine percent of board-level executives are neglecting to ensure the UK businesses they run will comply with the incoming General Data Protection Regulation (GDPR), according to new research from cloud solution provider Calligo.

The findings show only 31 percent of respondents said they had governance sponsorship for GDPR at board level, and just nine percent said their compliance departments were giving them full support.  

The lack of preparation isn't for the lack of trying either: six out of ten (62 percent) respondents agree that the new regulation would affect the profitability of their business, including 19 percent who said the impact would be negative.

The figures were collected in a survey of 500 IT decision-makers from enterprise-sized companies examining how businesses are preparing for the new regulation.

“It is worrying to see signs that GDPR governance does not have the full attention of so many C-level executives,” said Julian Box, chief executive of Calligo in a press statement. “Too many of those at the top think it is all about security, when that is only a part of it.  

“The deadline for compliance is May 25 next year and any company that subsequently fails to handle data in the correct manner risks the severe penalties stipulated in the regulation.”

The survey found that only 43 percent of companies have appointed and/or resourced a data protection officer, despite this being a requirement of the GDPR for medium-sized and larger businesses. In IT and telecoms, the figure is just 37 percent, while in manufacturing and utilities it is just 36 percent.

On average, organisations said they will employ 10 people on the task of achieving GDPR compliance, with healthcare sector proving the most committed, devoting an average 26 employees. This compares with averages of nine in IT and telecoms and four in arts and culture.

Retail and the GDPR

The research comes as security firm Thales warns that as GDPR approaches, retail data breaches remain unacceptably high.

The report, issued by cyber security company Thales, in conjunction with analyst firm 451 Research, reveals that a staggering 43 percent of retailers had experienced a data breach in the last year, with a third (32 percent) claiming more than one.

Some 88 percent of retailers consider themselves vulnerable to data threats past year, according to the 2017 Thales Data Threat Report, Retail Edition, released today and announced in a release.

An increase in regulations such as the forthcoming EU GDPR has led to greater awareness and concern around issues of data privacy and sovereignty, with 72 percent of retailers claiming to be impacted.

Two in five retailers across the globe have experienced a data breach in the past year, according to the 2017 Thales Data Threat Report, Retail Edition, released today.