03:25 PM
Dark Reading
Dark Reading
Products and Releases

Nearly 25% of Companies Havent Hired a Data Protection Officer: Imperva

Enterprises say they may look to AI or machine learning to ease the burden of GDPR compliance.

Redwood Shores, Calif. – August 29, 2017Imperva, Inc. (NASDAQ: IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today announced the results of a survey of 310 IT security professionals taken at the Infosecurity Europe 2017 trade show. The results suggest that while the industry is preparing for the General Data Protection Regulation (GDPR), 22 percent haven’t yet hired a Data Protection Officer (DPO). Of those with no DPO, 52 percent aren’t planning on hiring a DPO until the second half of 2018 or beyond – after GDPR enforcement commences.

“A crucial takeaway from this survey is that companies need to be engaging with GDPR compliance now,” said Terry Ray, CTO of Imperva. “The fact that a high percentage of respondents said they had already hired a DPO is encouraging. GDPR will rear its head in ways that nobody predicted, so engaging early and being ready for every possibility is absolutely crucial.”

Another revelation from the survey is that when it comes to GDPR, many security professionals are banking on help from machine learning technology. Over half (55 percent) of the security professionals indicated that they believed AI or machine learning solutions could bear some of their considerable workload in the next three to five years, with 27 percent suggesting it could even be within the next year or two.

About GDPR

The GDPR gives individuals in the EU more control over their personal data and is designed to make sure that their personal information is protected, even outside the EU. It applies to businesses that offer goods and services to data subjects in the EU or monitor behavior of data subjects in the EU, regardless of their industry or location of the business. It becomes effective on May 25, 2018. Organizations are focusing on GDPR compliance because fines for certain violations may be up to the greater of €20 million or four percent of total worldwide annual turnover. Article 37 of the GDPR requires any organization processing personal data on a large scale to retain an independent DPO.

Imperva provides data discovery, data masking, and data compliance solutions that can assist organizations in their GDPR compliance efforts. To learn how Imperva helps organizations prepare for GDPR, visit bit.ly/2xHq743.

Survey Methodology
Conducted June 6-8 in London, at Insecurity Europe 2017, Europe’s largest security focused conference, the in-person survey is based on responses from attendees including IT professionals, managers and executives.

To view the full survey results, visit bit.ly/2wiNy49. To learn more about The GDPR job market, read our study at bit.ly/2vDovag.

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
Who Does What in Cybersecurity at the C-Level
Steve Zurier, Freelance Writer,  3/16/2018
New 'Mac-A-Mal' Tool Automates Mac Malware Hunting & Analysis
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/14/2018
Microsoft Report Details Different Forms of Cryptominers
Kelly Sheridan, Staff Editor, Dark Reading,  3/13/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.