After being approved back in 2016, giving businesses around 2 years to prepare, there is now less than 2 months until GDPR comes into effect (May 25th).
At this point you’d expect the majority of organisations to at least be reaching the end of their preparations, but according to the GOV.UK Cyber Security Survey 2018, only 38% of businesses are aware of GDPR, and of these, just over a quarter have started making changes.
Working within the IT industry, it’s rare a day passes when we don’t hear about or discuss GDPR, so it almost feels impossible for people to have not even heard about it.
However, our sales team who have been discussing GDPR with directors, business owners etc. over the past few months, have regularly faced the response “what’s GDPR?” or “What does it stand for?”.
Even more concerning, when asked how they handle their data internally and externally, many were not compliant with GDPR, and worryingly, didn’t seem too concerned about it.
GDPR - is the UK ready?
The general feeling is that many business owners have no urgency, don’t seem bothered, or don’t see it as their responsibility.
There’s also a lot of false belief that SME’s aren’t as much at risk of cyber-attacks as larger organisations, yet in reality they are more often the victims of attacks, and find it much harder to recover from them.
If directors/business owners still haven’t even heard about GDPR, we worry for their business.
If they know about it but haven’t started preparing yet, at least they still have some time, not necessarily to be fully compliant but to massively reduce their risk by May 25th.
If they continue to ignore it and they have a data breach, not only will they be named and shamed for everyone to see by the ICO, but the huge fines could potentially be something many businesses can’t recover from.
Too many UK businesses don’t appear ready for GDPR, and we think many of them will suffer because of this.
Not being compliant is a huge risk, and it will only be a matter of time until they’re facing the consequences.
It’s not too late for businesses to start taking the steps to improve their security and data protection methods, but if they haven’t even heard of GDPR yet, how can they begin to prepare?
Want to discuss GDPR with one of our experts? We provide GDPR assessments and audits. Contact us today on 01332 362 481 or email firstname.lastname@example.org.