Risk

8/29/2017
03:25 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Nearly 25% of Companies Havent Hired a Data Protection Officer: Imperva

Enterprises say they may look to AI or machine learning to ease the burden of GDPR compliance.

Redwood Shores, Calif. – August 29, 2017Imperva, Inc. (NASDAQ: IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today announced the results of a survey of 310 IT security professionals taken at the Infosecurity Europe 2017 trade show. The results suggest that while the industry is preparing for the General Data Protection Regulation (GDPR), 22 percent haven’t yet hired a Data Protection Officer (DPO). Of those with no DPO, 52 percent aren’t planning on hiring a DPO until the second half of 2018 or beyond – after GDPR enforcement commences.

“A crucial takeaway from this survey is that companies need to be engaging with GDPR compliance now,” said Terry Ray, CTO of Imperva. “The fact that a high percentage of respondents said they had already hired a DPO is encouraging. GDPR will rear its head in ways that nobody predicted, so engaging early and being ready for every possibility is absolutely crucial.”

Another revelation from the survey is that when it comes to GDPR, many security professionals are banking on help from machine learning technology. Over half (55 percent) of the security professionals indicated that they believed AI or machine learning solutions could bear some of their considerable workload in the next three to five years, with 27 percent suggesting it could even be within the next year or two.

About GDPR

The GDPR gives individuals in the EU more control over their personal data and is designed to make sure that their personal information is protected, even outside the EU. It applies to businesses that offer goods and services to data subjects in the EU or monitor behavior of data subjects in the EU, regardless of their industry or location of the business. It becomes effective on May 25, 2018. Organizations are focusing on GDPR compliance because fines for certain violations may be up to the greater of €20 million or four percent of total worldwide annual turnover. Article 37 of the GDPR requires any organization processing personal data on a large scale to retain an independent DPO.

Imperva provides data discovery, data masking, and data compliance solutions that can assist organizations in their GDPR compliance efforts. To learn how Imperva helps organizations prepare for GDPR, visit bit.ly/2xHq743.

Survey Methodology
Conducted June 6-8 in London, at Insecurity Europe 2017, Europe’s largest security focused conference, the in-person survey is based on responses from attendees including IT professionals, managers and executives.

To view the full survey results, visit bit.ly/2wiNy49. To learn more about The GDPR job market, read our study at bit.ly/2vDovag.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "I'm not sure I like this top down management approach!"
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17321
PUBLISHED: 2018-09-22
An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.
CVE-2018-17322
PUBLISHED: 2018-09-22
Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter.
CVE-2018-14889
PUBLISHED: 2018-09-21
CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability.
CVE-2018-14890
PUBLISHED: 2018-09-21
Vectra Networks Cognito Brain and Sensor before 4.2 contains a cross-site scripting (XSS) vulnerability in the Web Management Console.
CVE-2018-14891
PUBLISHED: 2018-09-21
Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability.