Risk

8/29/2017
03:25 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Nearly 25% of Companies Havent Hired a Data Protection Officer: Imperva

Enterprises say they may look to AI or machine learning to ease the burden of GDPR compliance.

Redwood Shores, Calif. – August 29, 2017Imperva, Inc. (NASDAQ: IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today announced the results of a survey of 310 IT security professionals taken at the Infosecurity Europe 2017 trade show. The results suggest that while the industry is preparing for the General Data Protection Regulation (GDPR), 22 percent haven’t yet hired a Data Protection Officer (DPO). Of those with no DPO, 52 percent aren’t planning on hiring a DPO until the second half of 2018 or beyond – after GDPR enforcement commences.

“A crucial takeaway from this survey is that companies need to be engaging with GDPR compliance now,” said Terry Ray, CTO of Imperva. “The fact that a high percentage of respondents said they had already hired a DPO is encouraging. GDPR will rear its head in ways that nobody predicted, so engaging early and being ready for every possibility is absolutely crucial.”

Another revelation from the survey is that when it comes to GDPR, many security professionals are banking on help from machine learning technology. Over half (55 percent) of the security professionals indicated that they believed AI or machine learning solutions could bear some of their considerable workload in the next three to five years, with 27 percent suggesting it could even be within the next year or two.

About GDPR

The GDPR gives individuals in the EU more control over their personal data and is designed to make sure that their personal information is protected, even outside the EU. It applies to businesses that offer goods and services to data subjects in the EU or monitor behavior of data subjects in the EU, regardless of their industry or location of the business. It becomes effective on May 25, 2018. Organizations are focusing on GDPR compliance because fines for certain violations may be up to the greater of €20 million or four percent of total worldwide annual turnover. Article 37 of the GDPR requires any organization processing personal data on a large scale to retain an independent DPO.

Imperva provides data discovery, data masking, and data compliance solutions that can assist organizations in their GDPR compliance efforts. To learn how Imperva helps organizations prepare for GDPR, visit bit.ly/2xHq743.

Survey Methodology
Conducted June 6-8 in London, at Insecurity Europe 2017, Europe’s largest security focused conference, the in-person survey is based on responses from attendees including IT professionals, managers and executives.

To view the full survey results, visit bit.ly/2wiNy49. To learn more about The GDPR job market, read our study at bit.ly/2vDovag.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12697
PUBLISHED: 2018-06-23
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
CVE-2018-12698
PUBLISHED: 2018-06-23
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
CVE-2018-12699
PUBLISHED: 2018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
CVE-2018-12700
PUBLISHED: 2018-06-23
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-11560
PUBLISHED: 2018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.