The results of this survey represent a hugely valuable opportunity to see how Cyber Security best practices are evolving across sectors and to assess the current state of play at a business level. In addition, with the upcoming enforcement of the General Data Protection Regulation (GDPR) on 25th May 2018, Templar Executives investigated the security position of organisations – essentially, how prepared are they in terms of compliance? This article focuses on how ready employees feel their organisations are in terms of complying with the GDPR.
It appears that there is a high level of uncertainty regarding preparations for the legislation amongst employees. A staggering 43% of individuals felt that their organisation would not be ready, or did not know if their organisation would be ready, for the GDPR. A key article of the regulation is that organisations must take action to ensure compliance; with so little time left before the date of its enforcement, this is clearly a worrying statistic.
Under GDPR, the consequences of non-compliance and the cost of breaches will be significant. These will include fines of up to €20 million or 4% of an organisation’s annual global turnover, whichever is greater. There is also the inevitable business disruption, and damage to reputation and customer confidence. Yet 27% of those surveyed said their organisations have never carried out a cyber security incident response exercise.
Further results showed that more than one third of those surveyed were not confident that their organisation had the tools to respond to a cyber incident. This is despite evidence that how an organisation responds in the first 24 hours is critical in terms of cost and impact.
Staff training and Cyber Security audits were ranked by participants as the most important factors for their organisation to implement. However, 30% of respondents said that the biggest challenge with regard to training was difficulty in engaging employees. Relevant and appropriate training that resonates with employees is a must for any organisation looking to educate and upskill staff, thereby mitigating the risk of cyber breaches within their organisation.
Templar Executives’ unique GCHQ certified e-Learning course provides an overview of the GDPR for your whole organisation. It covers critical topics which will help staff understand the key principles through a range of engaging scenarios, and offers practical support for your organisation’s journey through GDPR implementation and ongoing compliance. To find out more, visit: https://www.templarexecs.com/gdpr-awareness-e-learning/