Less than half of global executives believe GDPR compliance is relevant to their business, while a fifth admit they don't know - NTT Security Risk:Value report shows
Concerning numbers admit they do not know where corporate data is stored, or if all of their critical data is securely stored
LONDON, July 10, 2017 (GLOBE NEWSWIRE) -- Many global business decision makers are unaware of the implications of the forthcoming General Data Protection Regulation (GDPR), as well as other compliance regulations like PCI-DSS and ISO27001/2, with one in five admitting they do not know which regulations their organization is subject to. This is according to the 2017 Risk:Value report, commissioned by NTT Security, the specialized security company of NTT Group, which looks at attitudes to risk and the value of information security to the business.
The survey of 1,350 non-IT executives across 11 countries, reveals that just four in ten (40%) respondents globally believe their organization will be subject to the EU GDPR. Perhaps of most concern is the one in five (19%) who admit they don't know which compliance regulations they are subject to. In the UK, just 39% of respondents currently identify GDPR as a compliance issue, and 20% admit they don't know, while those outside of Europe are even less aware. Just a quarter of business decision makers in the US, 26% in Australia, and 29% in Hong Kong believe they are subject to the GDPR, despite the fact it will apply to any business holding or collecting data on European citizens.
Coming into force on 25 May 2018, the legislation leaves companies with less than a year to comply with strict new regulations around data privacy and security and could result in penalties of up to €20 million or 4% of global annual turnover, whichever is higher
With data management and storage a key component of the GDPR, the Risk:Value report also reveals that a third of respondents do not know where their organization's data is stored, while just 47% say all of their critical data is securely stored. Of those that know where their data is, fewer than half (45%) describe themselves as 'definitely aware' of how new regulations will affect their organization's data storage. Those in Financial Services & Banking and Computer Services & Technology are most likely to know where their data is stored and which compliance regulations they are subject to.
"In an uncertain world, there is one thing organizations can be sure of and that's the need to mark the date of 25 May 2018 in their calendars," according to Garry Sidaway, SVP Security Strategy & Alliances at NTT Security. "While the GDPR is a European data protection initiative, the impact will be felt right across the world for anyone who collects or retains personally identifiable data from any individual in Europe. Our report clearly indicates that a significant number do not yet have it on their radar or are ignoring it. Unfortunately many organizations see compliance as a costly exercise that delivers little or no value, however, without it, they could find themselves losing business as a result, or paying large regulatory fines."
Quantifying the threat - reputation, revenue and resignations
- One in eight respondents believe that poor information security is the 'single greatest risk' to the business. The most commonly reported risk is 'competitors taking market share' (28%).
- According to Risk:Value, 57% of decision makers believe a data breach is inevitable at some point.
- The impact of a breach will be two-fold, with respondents expecting a breach to affect their long-term ability to do business, together with short-term financial losses. More than half (55%) cite loss of customer confidence, damage to reputation (51%) and financial loss (43%), while 13% admit staff losses and 9% say senior executive resignations would impact them.
- The estimated cost of recovery, on average, has increased from $907,000 in 2015 to $1.35m in 2017.
- The estimated impact on revenue has decreased from 12.51% in 2015, but is still a significant 9.95%.
- Only just over half (56%) of decision makers report that preventing a security attack is a regular item on the board agenda, suggesting that more needs to be done to get it taken seriously at a boardroom level.
- Respondents estimate on average that only 15% of their organization's IT budget is spent on information security - although this figure has gone up from 13% in 2015 and 10% in 2014. Many report that they spend less on security than on R&D (31%), sales (28%), and marketing (27%).
The need to drive a culture of security
- 56% of business decision makers say their organization has a formal information security policy in place, up from 52% in 2015. Just over a quarter (27%) are in the process of implementing one - 1% have no policy or plans to implement one.
- However, while the vast majority (79%) say their security policy has been actively communicated internally, a minority (39%) says employees are fully aware of it. Germany and Austria (85%) are above average in communicating the policy, together with the US (84%) and the UK (83%).
- The percentage of respondents with an official information policy is unevenly distributed on a per-country basis. In Sweden the figure is just 30%, while in the UK, 72% claim an official policy. By sector, healthcare leads the way, with 69% of companies claiming an official information security policy. Finance comes a close second (66%).
- Less than half (48%) of organizations have an incident response plan, although 31% are implementing one. But just 47% of decision maker respondents are fully aware of what the incident response plan includes.
Download the 2017 Risk:Value report: www.nttsecurity.com/RiskValue2017 .
For additional Risk:Value resources: https://www.nttcomsecurity.com/en/templates/WideangleLandingPage.aspx?p=2875&pv=14629 .
Notes for editors:
Commissioned by NTT Security, the 2017 Risk:Value research was conducted by Vanson Bourne in March to May 2017. 1,350 non-IT business decision makers (35% at C-level) were surveyed in the US, UK, Germany and Austria, Switzerland, France, Sweden, Norway, Hong Kong, Australia and Singapore. Organizations had more than 500 employees and were selected across a number of core industry sectors. Approximately a third of responses came from the financial services sector.
About Vanson Bourne
Vanson Bourne is an independent specialist in market research for the technology sector. Our reputation for robust and credible research-based analysis, is founded upon rigorous research principles and our ability to seek the opinions of senior decision makers across technical and business functions, in all business sectors and all major markets. For more information, visit www.vansonbourne.com.
About NTT Security
NTT Security is the specialized security company of NTT Group. With embedded security we enable Group companies (Dimension Data, NTT Communications and NTT DATA) to deliver resilient business solutions for clients' digital transformation needs. NTT Security has 10 SOCs, seven R&D centers, over 1,500 security experts and handles hundreds of thousands of security incidents annually across six continents.
NTT Security ensures that resources are used effectively by delivering the right mix of consulting and managed services for NTT Group companies - making best use of local resources and leveraging our global capabilities. NTT Security is part of the NTT Group (Nippon Telegraph and Telephone Corporation), one of the largest ICT companies in the world. Visit nttsecurity.com to learn more.
For further information, contact Press Office, t. firstname.lastname@example.org or visit www.nttsecurity.com.
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: NTT Security (UK) Ltd via Globenewswire
Om Nasdaq GlobeNewswire
One Liberty Plaza - 165 Broadway
NY 10006 New York
+1 212 401 8700http://www.nasdaqomx.com
NASDAQ (NASDAQ: NDAQ) is a leading provider of trading, exchange technology, information and public company services across six continents.
Følg saker fra Nasdaq GlobeNewswire
Registrer deg med din epostadresse under for å få de nyeste sakene fra Nasdaq GlobeNewswire på epost fortløpende. Du kan melde deg av når som helst.
Siste saker fra Nasdaq GlobeNewswire
GlobeNewswire Test Release26.5.2018 07:00 | Pressemelding
LOS ANGELES, May 25, 2018 (GLOBE NEWSWIRE) -- This is a test from GlobeNewswire. Readers are advised to disregard. TESTING -- TESTING -- TESTING -- TESTING -- TESTING -- TESTING -- TESTING -- TESTING – -END- CONTACT: Karen Yu Director, GlobeNewswire Product Management Direct: +1 310 258 6917 Mobile: +1 626 389 7427 or Magali Rolandez Senior Manager, Media Relations/Content Distribution Europe Direct: +44 (0) 203 753 2215 Mobile: +44 (0) 7785 619 539
Medibio Corporate Health Extends Global Footprint Signing Contract with Jacobs Engineering25.5.2018 16:38 | Pressemelding
Jacobs, one of the world's largest engineering and environmental consultancy groups, has more than 70,000 employees globally SYDNEY, Australia and MINNEAPOLIS, May 25, 2018 (GLOBE NEWSWIRE) -- Medibio Limited (MEB or the Company) (ASX:MEB) (OTCQB:MDBIF), a mental health technology company, today announced a significant contract for Medibio's Corporate Health product with Dallas, TX-based Jacobs Engineering across their Asia Pacific, Middle East, and European divisions. Through the Mental Health Check-In, companies can offer employees an end-to-end mental health program, direct to their devices, to see how the mind and body are tracking. It's a personalized, private, and objective way to see the unseeable: mental health issues in the workplace. Employees are provided the opportunity to confidentially check-in on their mental health and receive personalized confidential results from both an objective biometric screening in conjunction with a 12-minute subjective survey. Employers receive
VIRGIN PULSE ANNOUNCES INDUSTRY-LEADING GDPR COMPLIANCE25.5.2018 14:00 | Pressemelding
Virgin Pulse Extends the GDPR's Strong Data Privacy Rights to All Clients and Members Across the Globe PROVIDENCE, R.I., May 25, 2018 (GLOBE NEWSWIRE) -- Virgin Pulse, the leading global provider of digital employee health, wellbeing and engagement solutions, today announced that it has achieved compliance with the EU General Data Protection Regulation (GDPR) for the Virgin Pulse platform. The company has also appointed Associate Counsel Beatrice Botti as Data Protection Officer (DPO) to oversee the Virgin Pulse privacy program. With this achievement, Virgin Pulse leads the market as the first company in the wellbeing and engagement industry to fully meet the comprehensive standards of the new GDPR data privacy law. The company has completed a thorough review of its internal data collection, storage and handling processes and implemented enhancements to achieve GDPR compliance and give all Virgin Pulse customers and members greater control over their personal data. The GDPR is the firs
Resverlogix Provides Unrestricted Educational Grant for Epigenetic Symposium at International Renal Congress25.5.2018 07:45 | Pressemelding
CALGARY, Alberta, May 24, 2018 (GLOBE NEWSWIRE) -- Resverlogix Corp. ("Resverlogix" or the "Company") (TSX:RVX) today announced that on Friday, May 25, 2018, at the European Renal Association - European Dialysis and Transplant Association (ERA-EDTA) Congress in Copenhagen, Denmark, the Company is supporting a symposium titled: "Epigenetics in CKD & CVD: A potential breakthrough therapy?" The symposium highlights the role of epigenetics and BET-inhibition in chronic kidney disease and cardiovascular disease, especially in patients with diabetes mellitus, and the significant unmet need that still exists in this patient population. The symposium is co-chaired by Vincent M. Brandenburg, MD - Nephrologist, Aachen, Germany and Kamyar Kalantar-Zadeh, MD - UC Irvine School of Medicine, Irvine, CA, USA, both leading scientists also serving as advisors to Resverlogix's Renal program. The speakers and agenda are as follows: Introduction Vincent M. Brandenburg, MD - University Hospital of the RWTH
Atico Reports Consolidated Financial Results for the First Quarter of 201824.5.2018 22:30 | Pressemelding
(All amounts expressed in US dollars, unless otherwise stated) VANCOUVER, British Columbia, May 24, 2018 (GLOBE NEWSWIRE) -- Atico Mining Corporation (the "Company" or "Atico") (TSX.V:ATY) (OTC:ATCMF) today announced its financial results for the three months ended March 31, 2018, posting a net income of $0.4 million. Fernando E. Ganoza, CEO and Director, commented, "The strong production and all-in sustaining cash cost of $1.85 achieved this quarter is not reflected in the financial results as a large concentrate shipment was delayed to the second quarter, along with the revenue associated with those tonnes. The shipping schedule is expected to stabilize during the second quarter, where we will then benefit from the additional shipped concentrate and recognized revenue. We anticipate strong financial results in the next quarter." Mr. Ganoza continued, "Our emphasis will continue to be on further strengthening our balance sheet, improving production costs and most importantly regional
Luxembourg Announced as SNOMED International's Newest Member24.5.2018 15:16 | Pressemelding
London, United Kingdom, May 24, 2018 (GLOBE NEWSWIRE) -- SNOMED International and Agence eSanté Luxembourg are pleased to announce that Luxembourg has joined the organization as its thirty-second Member. Luxembourg, one of the leading nations in the area of information and communication technology, has set the development of eHealth technologies as a high priority. Agence eSanté, Luxembourg's national agency for the exchange and sharing of medical data, has set an overall mission to facilitate clinical information exchange both within Luxembourg and across other international actors. To work towards this reality, the agency has taken part in discussions about standardization across Europe, a contributing building block achieved with its membership in SNOMED International. With their membership, Agence eSanté has committed their support for the use of structured clinical terminology. When applied to the health sector, interoperability ensures that information systems, and through them h
I vårt presserom finner du alle våre siste saker, kontaktpersoner, bilder, dokumenter og annen relevant informasjon om oss.Besøk vårt presserom