Industry News

GDPR prompts companies worldwide to plan for stronger security, study shows

Enterprises and small-to-medium businesses (SMEs) worldwide in 2018 are bolstering their security strategies based on Europe’s upcoming data protection regulation, with a new poll showing more than half of organizations pledge to add identity and access security solutions.

The Versasec study found Europe’s General Data Protection Regulation (GDPR) is beginning to seriously affect companies’ approach to cybersecurity, although many still rely on inadequate defenses.

More than half of respondents say the GDPR, which takes effect in May, weighs heavily on their current security strategy decisions. 60% plan to spend up to 24% of their technology budgets on security this year; while 18% will spend 49%; and almost 25% will spend more than half of their budget on cyber defenses. Last year, only 15% of respondents said they planned to invest this much in cyber resilience.

The GDPR compels organizations that process EU customer data to comply with a new, unified set of data protection standards. Organizations that fail to comply risk hefty fines – up to €20 million in some cases.

Asked what security threats they currently fear, 35% of companies cited internal threats, while 65% names external threats as their biggest worry. 46% said they plan to deploy smart cards this year, while nearly 8% will deploy virtual smart cards, and 28% will deploy both.

However, traditional user name & password authentication remains the top means for securing identities, used by 89% of respondents. And, despite their inherent risks, 29% still plan to deploy user name and password solutions, and even one-time passwords (17%).

On the bright side, many companies pledge to deploy stronger authentication tools this year, including smart cards (47%), biometrics (36%), virtual smart cards (26%), and PKI (23%).

A recent cybercrime report reveals the volume of identity theft has doubled over the last two years. An account takeover occurs on average once every 10 seconds, and fraudsters can create complete identities from scratch and open new accounts by quilting together data harvested from breaches like the Equifax incident.

Also worth noting is that hackers increasingly use social engineering to “layer” their efforts and avoid detection.

About the author

Filip TRUTA

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware, and security, and has worked in various B2B and B2C marketing roles. He likes fishing (not phishing), basketball, and playing around in FL Studio.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.