Privacy in Motion - the truth behind the numbers
The most surprising thing about this GDPR survey was that 62% of participants stated
they had GDPR plans in progress. This is great, but a heavy reliance on Professional
Services (47%) means that a lot of the learnings might be lost when the programme finishes.
Nearly half state that their Boards are engaged, but 62% state they have no specific budget,
so is the Board actually listening, but not putting their hands in their pockets?
Digital Safety, Privacy and Security and Global Best Practices Legal Expert (US and Canadian)
7 years ago
Litigators will happily use this kind of statistics to plead for punitive damages. 1. Aware of risk, 2. Appreciate high risk and costs, 3. Didn't manage risk accordingly = punitive damages far exceeding provable actual losses. And may not be covered by insurance.
Global Head of Office of the CISO | Privacy, Cyber, AI Governance, Data Ethics & Trust | Ex-Google | Ex-Big4 | Advocacy | Leadership
7 years ago
More and more businesses see this as a legal or compliance topic. In my view, this is a business issue and having an ExCo sponsor is key as GDPR will lead to a significant way on how personal data should be considered and handled within the business not only to be compliant, but to also exploit it in an acceptable way. We have been working with DPOs of several businesses from this perspective to help them create the required business case.
Cyber & IT Mgmt. | Transformation | Projects | Enterprise Architect | ACA, IT Audit & GRC
7 years ago
Well, if Professional Services are being paid, then someone authorised a PO out of a budget?
Global Head of Cybersecurity Operations - A Highly Experienced Cyber Security, Data Protection, (GDPR, UKDPA), and Privacy Professional Helping Organisations Become Resilient & Compliant
7 years ago
Steve, excellent job and thank you for sharing. This is about right. Many people I have spoken to as far back as Nov still have not got budget released. So where is the Board's engagement? One sure way of demonstrating support and commitment is to provide the needed funding and resource.
Head of Cyber Group Services @ CK Hutchison and Group Chief Information Security Officer @ A.S. Watson Group
7 years ago
Issue is I think with the DPO role. It's new and lots of companies hired new faces. Then you have new boys and girls asking for millions. Irrespective of the risk, it takes time. It is therefore unrealistic for many companies to be ready by May 2018. GDPR seems more like a 2020 law.