According to new research, as many as 74 percent of IT security practitioners say that complying with the GDPR will have a “significant negative impact” on their organizations, such as large potential fines and the increased global effects of the regulations.
Conducted by the Ponemon Institute in conjunction with Citrix, the study polled over 4,200 IT, security and business professionals from around the globe.
The report revealed that a third (33 percent) of organizations represented in the research were still not aware of GDPR, and only half had allocated budgets and begun preparation for the May 2018 compliance deadline.
The biggest concern among respondents (65 percent) involved the potential penalties of up to 100 million euros, or 2-4 percent of annual worldwide revenue.
Other top concerns included increased territorial scope of the regulations (53 percent), as well as tighter requirements for obtaining valid consent to process personal data (38 percent).
Furthermore, less than half of organizations (48 percent) said they believe their security infrastructure facilitates compliance and regulatory enforcement with a centralized approach to controlling, monitoring and reporting data.
As a result, respondents are concerned about how their organizations will address the risks associated with the introduction of new international privacy and security regulations and cybersecurity mandates, the report noted.
“Security is a global concern and whether you’re a large government organizations or a small business, the time to act is now,” said Citrix CSO Stan Black in a press release.
“While these more strict regulations are being put into place, take a strategic approach, look at the big picture, educate your workforce to create a security-aware culture, and fin comprehensive solutions that adhere to the unique needs of your business,” added Black.