- Security TWENTY Home
- Women in Security Awards
A European GDPR survey of IT suppliers and end users suggests progress, but work to do, on the road to readiness before next year’s EU-wide general data protection regulation (GDPR) deadline, according to an IT services firm.
The research queried 250 executives at resellers, managed service providers (MSPs), consultancies, and other channel firms in the UK, Germany, France, the Netherlands, and Italy; and over 140 IT people at UK end-user companies. About a third, 36 percent, of the surveyed IT suppliers and 37 percent of the surveyed end users are in the process of carrying out plans for readiness. However, only ten percent of those same IT suppliers and only three percent of the end users felt they were fully ready. From May 25, 2018, any firm operating in the European Union (EU) or any firm that handles personal data of people who reside in the EU, could face fines of up to €20 million—or four percent of global turnover—if they fail to comply with these new data protection rules.
IT supplier respondents expect spending increases to come primarily from cloud storage, encryption, and two-factor authentication, alongside services such as risk assessments and network audits. A majority of surveyed end users plan to use resellers to help them fill these types of technology gaps. The top five technology areas to which IT leaders said they have dedicated, or will dedicate, additional investment in order to become compliant were: risk assessments (36 percent), cloud/online backup and recovery (31 percent), encryption (30 percent), storage (29 percent) and mobile device management (26 percent).
Tim Brown, vice president, security architect, SolarWinds MSP said: “Our main aim with this GDPR research report was to provide an overview of what factors IT providers and MSPs should be considering in the critical period running up to May 2018, helping them to pivot in the right way with their services. The results showed that while many IT providers and end users are some ways from being ready, many have made a good head start. MSPs have an opportunity to help serve in a trusted advisory role to their customers as they look in particular at how technology and consultancy can help address GDPR-readiness factors.”
The full report is available here.