Delayed threat detection and breach notifications “intensify regulatory challenges”
With the daily number of data breaches on the rise and data privacy laws such as the EU General Data Protection Regulation (GDPR) beginning to loom large, organisations are starting to make data governance and data protection far more of a priority.
As the ‘Data Protection: Prioritising Regulations and Guidelines’ research study released by Blancco Technology Group duly reveals, delayed threat detection and breach notifications could intensify the regulatory challenges of data protection. In particular, 16% of businesses take between one and six months to detect a security threat, while 5% only detect a threat when notified by external parties.
While threat detection plays a vital role in helping organisations to prevent data loss/theft, it’s equally important for businesses to notify regulatory authorities and customers of a data breach in a timely and efficient manner.
Despite the EU GDPR’s requirement to notify regulatory authorities of a data breach within 72 hours, 13% of the IT professionals surveyed by Blancco Technology Group admitted it takes between one month and a year to do so.
In such instances, these organisations would be in violation of the EU GDPR’s breach notification requirement and could face regulatory fines of up to €20 million or 4% of their global turnover, whichever is the greater.