90% of businesses think it's too hard to delete customer data

Enterprises struggle ahead of GDPR rules

Symantec has revealed that the majority of businesses are underprepared for the EU's General Data Protection Regulation (GDPR) coming into effect in 2018, leaving them open to hefty fines should their practices not adhere to the stricter rules.

The security firm's research revealed that 90% of businesses think it will be hard for them to delete customer data of they receive a request and only 40% of companies have a system in place that allows them to do so.

More concerning is that 35% of business and IT decision makers don't think their company takes an ethical approach to securing and protecting customer data.

"These findings show businesses are not only underprepared for the GDPR they are underpreparing," said Kevin Isaac, senior vice president of Symantec. "There is a significant disconnect between how important privacy and security is for consumers, and its priority for businesses. The good news is there's still time to remedy the situation if firms take immediate action."

Advertisement - Article continues below
Advertisement - Article continues below

The biggest challenge businesses face is not having the knowledge in-house to be able to deal with the changes. A total 96% of companies don't understand the GDPR, while 91% don't think they will be able to meet the demands of it.

"Whether companies will successfully navigate the GDPR regulation hinges on their willingness to embrace privacy by design," Peter Gooch, cyber risk partner at Deloitte, said. "They must also understand that good security and privacy processes can provide a substantial competitive advantage and be a driver in gaining consumer trust, in addition to being driven by regulatory requirements."

In fact, only 22% have made complying with the European security demands a priority over the next two years, meaning it's likely to be put on the backburner for a lot of companies.

"Businesses should recognise that privacy, security and compliance with GDPR are extremely important brand differentiators," said Isaac. "Businesses' response to the GDPR should become a core element of organisational design and culture. Adopting a fragmented, piecemeal approach as part of a tick box exercise will create more problems than it solves."

Symantec's report revealed that consumers have a very different approach to GDPR, finding that 88% of European consumers think data security is the most important factor when choosing a company and 86% think the protection of their data is more important than the product quality.

While the GDPR may no longer apply to the UK directly following Brexit, the UK is likely to devise its own, similar, rules in order to continue trade with the EU.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now


data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
public sector

UK gov launches £300,000 SEN EdTech initiative

22 Jan 2020

Windows 10 and the tools for agile working

20 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020