UK Business Leaders Lack GDPR Awareness
New research from Gowling WLG, the multinational law firm, suggests that UK business leaders are less aware of the digital risks facing their organisations compared with their continental European counterparts. In particular, business executives in the UK are at the end of the queue in terms of their knowledge and understanding of GDPR – the Global Data Protection Directive coming into force on the 25th May next year.
Based on data gathered from 999 large SMEs in the UK, France and Germany, the report concludes that UK business leaders have an overly optimistic view of digital risks, identifying between 2 and 25% fewer risks than non-UK respondents for each area analysed.
For the countries examined, external cyber risks (69%) were identified as the most concerning category of digital threat followed by customer security (57%), identity theft / cloning (47%) and rogue employees (42%). More than a third of respondents (40%) believed that the ‘lack of sufficient technical and business knowledge amongst employees’ is a significant risk to their business.
In terms of data protection, only 14% of UK businesses are aware of the fines they will face for failing to protect their data under GDPR, the most significant change to data protection legislation in Europe for the last two decades. This compares with 26% of respondents from Germany and 45% from France who are aware of the maximum fine. Based on these results, the vast majority of businesses in the UK appear to be totally unprepared for the risks posed by failing to comply with GDPR.
Only 52% of UK businesses do regular data back-ups, compared to 66% in Germany and 67% in France. Noticeable differences also emerged in terms of off-site storage . Only 32% of UK businesses compared to 39% in Germany and 50 per cent in France would consider off-site storage for sensitive data.
One of the most worrying conclusions of the survey is the general attitude of business leaders towards digital risk. While many are anticipating an increase in cyber-attacks over the next three years, most do not think that such risk is a major concern for their business.
We know “it won’t happen to you” – but just in case in does, why not contact us for a chat to see how we can better prepare your business for future digital threats, ensuring that you are fully GDPR compliant.