90% of businesses think it's too hard to delete customer data

Enterprises struggle ahead of GDPR rules

Symantec has revealed that the majority of businesses are underprepared for the EU's General Data Protection Regulation (GDPR) coming into effect in 2018, leaving them open to hefty fines should their practices not adhere to the stricter rules.

The security firm's research revealed that 90% of businesses think it will be hard for them to delete customer data of they receive a request and only 40% of companies have a system in place that allows them to do so.

More concerning is that 35% of business and IT decision makers don't think their company takes an ethical approach to securing and protecting customer data.

"These findings show businesses are not only underprepared for the GDPR they are underpreparing," said Kevin Isaac, senior vice president of Symantec. "There is a significant disconnect between how important privacy and security is for consumers, and its priority for businesses. The good news is there's still time to remedy the situation if firms take immediate action."

Advertisement - Article continues below

The biggest challenge businesses face is not having the knowledge in-house to be able to deal with the changes. A total 96% of companies don't understand the GDPR, while 91% don't think they will be able to meet the demands of it.

"Whether companies will successfully navigate the GDPR regulation hinges on their willingness to embrace privacy by design," Peter Gooch, cyber risk partner at Deloitte, said. "They must also understand that good security and privacy processes can provide a substantial competitive advantage and be a driver in gaining consumer trust, in addition to being driven by regulatory requirements."

In fact, only 22% have made complying with the European security demands a priority over the next two years, meaning it's likely to be put on the backburner for a lot of companies.

"Businesses should recognise that privacy, security and compliance with GDPR are extremely important brand differentiators," said Isaac. "Businesses' response to the GDPR should become a core element of organisational design and culture. Adopting a fragmented, piecemeal approach as part of a tick box exercise will create more problems than it solves."

Symantec's report revealed that consumers have a very different approach to GDPR, finding that 88% of European consumers think data security is the most important factor when choosing a company and 86% think the protection of their data is more important than the product quality.

While the GDPR may no longer apply to the UK directly following Brexit, the UK is likely to devise its own, similar, rules in order to continue trade with the EU.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now



Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

digital transformation

Boston Dynamics dog-like robots sniff out bombs for Massachusetts police

26 Nov 2019
mergers and acquisitions

Xerox to pursue hostile HP takeover after $30bn gambit fails

28 Nov 2018
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019
data breaches

T-Mobile data breach affects more than a million users

25 Nov 2019