UK Firms Don’t Think New EU Regulation Will Stop Data Breaches

UK organizations are the most pessimistic in Europe about the chances of the forthcoming EU General Data Protection Regulation actually helping to prevent data breaches, with the majority believing the European Commission should consult businesses more, according to Trend Micro.

The second installment of the security vendor’s EU Data Protection Regulation report shows a distinct lack of support for and engagement with the new rules, which are set to ratified later this year.

Just 18% of those UK firms interviewed – the lowest in Europe – said they thought the regulation would prevent organizations from losing or illegally collecting data.

Less than half (41%) said they believed the regulation was required to improve data protection, compared to 81% in Italy, while a worryingly low 44% said they were aware the regulation will replace local legislation once ratified – the second lowest in Europe after the Nordics.

“Awareness is growing among companies that the new EU data legislation will have a significant impact on their businesses, but there is still some way to go. It’s frightening considering how close it is and how little some organizations know,” said Trend Micro vice president of security research, Rik Ferguson.

“Large enterprises are aware they have to be compliant, but smaller organizations don’t have the right people looking at it. Ultimately it’s the government’s responsibility to make sure that business is aware of what this means, but whether that’s the UK government or EU government is a key question.”

In fact, most UK respondents (78%) said the European Commission doesn’t consult them enough before setting data protection regulations.

Only 13% of UK businesses said their customers are currently demanding transparency about where data is kept, but that will change with the coming regulation, said Ferguson.

“We’re going to see a lot more customers invoking the right to be forgotten,” he added in a statement.

“Customers will be asking ‘Do organisations even know where my data is? Do they know how to delete it?’. If a company like Google is struggling, imagine what it’s going to be like for mere mortals.”

Despite most British businesses (69%) claiming they were confident of being as secure as they can be against a data breach, many are making significant efforts to bolster security, the report claimed.

Some 72% said they had increased staff awareness about threats, whilst encrypted passwords (60%) and remote wipe tech for lost devices (47%) were both increasingly popular technologies.

What’s hot on Infosecurity Magazine?