Average spend on GDPR compliance ‘tops $1.5 million per global organisation’
An EfficientIP X-Day study says average spend on GDPR compliance tops $1.5 million per global organisation, with less than 100 days to go before the deadline for EU GDPR compliance on 25th May this year.
EfficientIP, through independent market research firm Coleman Parkes, asked over 1,000 companies worldwide about their preparation plans for GDPR. Among the key findings were:
- Over two-thirds of global businesses at 72% are confident they will have all required GDPR compliance processes in place by 25th May 2018.
- North America is the most confident region in world, with American and Canadian organisations saying they will be prepared at 84% and 75% respectively.
- Despite the on-going Brexit negotiations and uncertainty looming over the enforcement and effectiveness of the EU GDPR regulation on local businesses, the UK is the most confident nation in Europe, with 74% saying they will be ready by deadline day.
- In comparison, Spanish businesses are a close second to the UK at 73%, dropping to 66% of French respondents. German organisations are the least confident in Europe at 61%.
Businesses worldwide believe there will be a variety of benefits they will gain from being GDPR compliant. Nearly half of all organisations surveyed, at 46%, say the most important benefit from being GDPR compliant is gaining customer trust to handle sensitive data.
31% of businesses believe the most important value from compliance is enhanced brand awareness. 18% of respondents felt GDPR compliance will increase customer loyalty is the most important benefit.
APAC, North America and Europe businesses believe the biggest positive impact from compliance is increased trust in handling customer data at 53%, 46% and 41% respectively.
European organisations lead the study in saying increased customer loyalty is the biggest impact at 22%, with North America and APAC following respectively at 15%, 14%.
On average, global organisations have so far spent $1,583,000 (£1,145,000) on GDPR compliance. Globally, European businesses have spent the most on average on compliance with Germany leading at $1,969,000 (£1,424,000), followed by the UK with $1,798,000 (£1,300,000), with France completing the top three at $1,781,000 (£1,288,000).
USA and Singapore tops regional spending in North America and APAC, investing $1,568,000 (£1,134,000) and $1,521,000 (£1,100,000) respectively on average. Small and Medium Business have spent on average $1,263,000 (£893,000) so far on compliance, whereas large businesses have spent up to $5 (£3.5) million on compliance.
A key element in EU GDPR is for businesses to provide adequate data protection. In response to this regulatory requirement, 38% of global organisations are convinced that better monitoring and analysis of DNS traffic is the best option to provide data protection in their networks, whilst 35% think securing network endpoints is best and only 21% choose to add more firewalls.
EfficientIP says this shows organisations are finally realising, after the various successful data breaches over the last year, that firewall technology is no longer adequate.
APAC, North America and European organisations are confident in DNS monitoring and analysis technology at 40%, 37% and 36% respectively.
Commenting on the study figures, Herve Dhelin, SVP Strategy at EfficientIP, said: “As organisations enter the final straight of GDPR compliance with 100 days to go, our research shows they have never been so close to regulatory compliance. There is still some work to do, but it is encouraging to see nearly three-quarters of businesses are ready and most organisations see monitoring and analysis of DNS traffic, not firewalls nor endpoints, is the best way of preventing data breaches.”