Small and large businesses are gearing up to meet all the rules under General Data Protection Regulation (GDPR). The reform is almost a year away from its implementation, which will be implemented on May 25th, 2018.
As per Canalys, an independent research analyst company, in wake of this development, the IT security market in Western and Central Eastern Europe is expected to grow 16% to $11.5 billion in 2018.
What is GDPR?
In January 2012, European Commission, the executive branch of the European Union, had proposed this reform to extend the rights of citizens around privacy and protection of their data. Hence, this has a direct effect on companies that operate in the region and deal with handling the personal data of their customers.
It requires firms to maintain adequate data records, reveal the data breaches and increase opt-out options. Those who fail to comply may be subjected to handsome fines.
As per a survey conducted by PwC, 92% of the companies in the U.S. said GDPR is their highest priority on their data privacy and security agenda. This step comes as a result of a rise in breaches. Senior Analyst Nushin Vaiani said,
With ransomware threats such as WannaCry causing havoc, shareholders will be more willing to accept increased data security and compliance budgets to protect their long-term investment.
Effects on businesses
The new reform demands a reassessment of operational structure for businesses that handle data in the EU. Vaiani says,
Our research shows that large businesses are well informed on information security regulations, with resources in place to ensure compliance.
Whereas small and medium-sized businesses (SMBs) naturally have fewer resources, and this puts a constraint on implementation. And since there are potentially massive fines for non-compliance with GDPR, SMBs are under the threat of bankruptcy. Businesses have to take appropriate condition to pre-empt this danger. The reason behind this is simple – even if the large businesses may have to deal with large volumes of personal data, which increases the probability of risks, at least they have their strategies in place.
Many SMBs do not have such policies or even dedicated team to overlook this aspect, which makes understanding such changes all the more difficult for them. Overall, the net effect on SMBs will be vital and many are turning to their existing relationships with channel partners for help. The firm expects this trend to accelerate, as SMBs realize they do not have much time to implement changes to meet the deadline.