Risk

8/29/2017
03:25 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Nearly 25% of Companies Havent Hired a Data Protection Officer: Imperva

Enterprises say they may look to AI or machine learning to ease the burden of GDPR compliance.

Redwood Shores, Calif. – August 29, 2017Imperva, Inc. (NASDAQ: IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today announced the results of a survey of 310 IT security professionals taken at the Infosecurity Europe 2017 trade show. The results suggest that while the industry is preparing for the General Data Protection Regulation (GDPR), 22 percent haven’t yet hired a Data Protection Officer (DPO). Of those with no DPO, 52 percent aren’t planning on hiring a DPO until the second half of 2018 or beyond – after GDPR enforcement commences.

“A crucial takeaway from this survey is that companies need to be engaging with GDPR compliance now,” said Terry Ray, CTO of Imperva. “The fact that a high percentage of respondents said they had already hired a DPO is encouraging. GDPR will rear its head in ways that nobody predicted, so engaging early and being ready for every possibility is absolutely crucial.”

Another revelation from the survey is that when it comes to GDPR, many security professionals are banking on help from machine learning technology. Over half (55 percent) of the security professionals indicated that they believed AI or machine learning solutions could bear some of their considerable workload in the next three to five years, with 27 percent suggesting it could even be within the next year or two.

About GDPR

The GDPR gives individuals in the EU more control over their personal data and is designed to make sure that their personal information is protected, even outside the EU. It applies to businesses that offer goods and services to data subjects in the EU or monitor behavior of data subjects in the EU, regardless of their industry or location of the business. It becomes effective on May 25, 2018. Organizations are focusing on GDPR compliance because fines for certain violations may be up to the greater of €20 million or four percent of total worldwide annual turnover. Article 37 of the GDPR requires any organization processing personal data on a large scale to retain an independent DPO.

Imperva provides data discovery, data masking, and data compliance solutions that can assist organizations in their GDPR compliance efforts. To learn how Imperva helps organizations prepare for GDPR, visit bit.ly/2xHq743.

Survey Methodology
Conducted June 6-8 in London, at Insecurity Europe 2017, Europe’s largest security focused conference, the in-person survey is based on responses from attendees including IT professionals, managers and executives.

To view the full survey results, visit bit.ly/2wiNy49. To learn more about The GDPR job market, read our study at bit.ly/2vDovag.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.