Survey Says: Most SMEs Still Confused about GDPR
General Data Protection Regulation (GDPR) was designed to protect businesses, employees and customers alike from the dangers of cyberattacks and data breaches. However, most SMEs are still figuring out the regulation themselves, a significant number at this point in the mandate’s brief history. According to this year’s annual Aon SME Cyber Survey, over half of SMEs and micro-businesses are confused by or even unaware of the rules of GDPR. Even more telling, eight out of 10 businesses of this size do not see cyberattacks or data loss as a significant risk for their businesses.
The poll also indicates about one in four SMEs allow employees to use their own devices for work, and one in 10 have a Whatsapp group that is used for work purposes. The “Bring Your Own Device” culture — which sees business leaders and their teams using their personal computers, smartphones or tablets for work purposes, can expose companies to the increased risk of cybersecurity breach.
There are many aspects of GDPR SMEs may be unknowingly violating these days. According to the survey:
- 31 percent don’t currently insure against cyber and data risks;
- 77 percent didn’t think they would be liable to compensate victims of a data breach;
- 65 percent don’t confidentially dispose of paper records containing customer data; and
- 68 percent didn’t know you had to report a data breach to the Information Commissioner’s Office.
GDPR is massive in scale, and it takes experts to untangle the vast expanse of requirements companies of all sizes must follow to remain compliant. Your best bet is to rely on the expertise of an IT consultant like 2W Tech to guide your organization into compliance. Contact 2W today to get your organization help with your Cybersecurity compliance.