Windows News and info 15th Anniversary 2009-2024

General Category | GDPR - Important notice => Privacy Policy | GDPR Notice => Topic started by: javajolt on January 24, 2019, 05:07:48 PM

Title: GDPR Compliance Lowers Data Breach Frequency and Impact Says Report
Post by: javajolt on January 24, 2019, 05:07:48 PM
(http://i.postimg.cc/x1rWY722/Cisco-Study.jpg)
As reported by Cisco in its Data Privacy Benchmark Study, companies that follow the requirements of the General Data Protection Regulation (GDPR) experience benefits such as lower frequency and effect of data breaches, as well as fewer records being impacted in the attacks, shorter downtimes and lower overall costs.

GDPR is a user and data privacy regulation which came into effect in the European Union on May 25, addressing data protection of EU residents and the export of personal data outside the EU and EEA areas.

The report used the data collected via a double-blind survey which was answered by over 3200 security professionals from 18 countries from all over the world and from all major industries.

Security benefits go beyond the scope of the GDPR provisions

"Organizations have a long way to go to maximize the value of their privacy investments. Our research shows that the market is set and ready for those willing to invest in data assets and privacy may be the path forward to get there," according to Michelle Dennedy, Cisco's Chief Privacy Officer.

When it comes to the level of GDPR readiness among the respondents, 59% of them said that they are meeting either all or most of GDPR’s provisions, while 29% of them stated that GDPR-readiness is one year away and another 9% indicated that they would need more than a year to be ready.

Country GDPR-readiness was between 42% to 76%, with the European countries involved in the survey (i.e., France, Germany, Italy, Spain, UK) unsurprisingly scoring a lot higher on the scale when compared to countries from other continents.

(http://i.postimg.cc/bY4DNFnN/GDPR-readiness-by-country.jpg)

According to Cisco's study, companies' GDPR-readiness seems to be one of the factors behind a lower impact and frequency of data breaches affecting such entities:

Quote
GDPR requires organizations to know where there personally identifiable information (PII) is located and provide appropriate protections for this data. These efforts may have helped organizations better understand their data, the risks associated with their data, and to establish or strengthen protections for that data.

Furthermore, out of all the businesses which have reported at least a data breach during the last year, only 74% of GDPR-ready organizations were among them, while 80% of businesses who were less than a year from taking all the measures needed for GDPR-readiness and 89% of those that needed more than a year were breached.

To make matters even worse for companies that haven't implemented all the measures required to fully comply with the GDPR, while only 79,000 records on average were impacted by breaches in the case of GDPR-ready entities, the ones that were the least GDPR compliant had roughly 212,00 records affected by security breaches.

Additionally, whenever a company experienced a data breach, the overall system downtime was shorter for GDPR-ready companies (6.4 hours vs. 9.4 hours).

(http://i.postimg.cc/NjHxjHFZ/Business-benefits-of-privacy-investments.jpg)

As a direct consequence, the costs associated with data breaches were also lower for GDPR-compliant businesses with only 37% of them experiencing a loss of over $500,000 last year when compared with approximately 64% of the least GDPR-ready companies.

Cisco's Data Privacy Benchmark Study concluded that:

Quote
These results highlight that privacy maturity has become an important competitive advantage for many companies. Organizations should work to maximize the business benefits of their private investments, which may go beyond the requirements of any particular privacy regulation.

source (http://www.bleepingcomputer.com/news/security/gdpr-compliance-lowers-data-breach-frequency-and-impact-says-report/)