With just a year to go until the EU’s disruptive General Data Protection Regulation (GDPR) is enforceable, some business leaders might think these new personal data protection rules are an inconvenience at best – or another waste of EU money at worst. But the story is different for IT professionals across Europe, who expect to become more powerful at work because of the GDPR.
Most IT decision makers in Europe (63%) expect to feel empowered by the new regulations when they come into force – because they will be put in a position of authority to enforce data protection at the organizations they work for. This is one of the findings of a new study by Kaspersky Lab, ‘From overwhelmed to empowered: the IT department’s GDPR journey towards good data health.'
IT professionals, the study implies, care deeply for the protection of personal data. Their day-to-day experiences of fighting the threat of data leaks means that they worry about how organizations currently treat data – only half (55%) of IT decision makers trust that organizations look after their own personal data properly at the moment. Perhaps unsurprisingly then, one in five (22%) are not confident that the organization they work for will be fully compliant with the new data protection requirements by May 25, 2018.
Their concerns and knowledge from the coalface of data protection put IT professionals in a unique position when it comes to enforcing the new and impactful regulations in their place of work, says Kaspersky Lab.
Despite many IT decision makers (63%) currently feeling overwhelmed by the new regulations and the task ahead, the GDPR will give IT the chance to make a difference to how organizations treat the personal data of EU citizens. Half (51%) of IT decision makers, for example, believe the GDPR will also change how they do their job for the better and most (66%) would like training on what the GDPR means for their organization.
According to Kaspersky Lab spokespersons, "IT decision makers across Europe may, naturally, be daunted at the prospect of dragging their colleagues towards GDPR compliance. After all, IT professionals, more than anyone else in an organization, know how much work there is to be done. They know the bad data habits of a business. They know what mistakes happen. And they know how and why personal data may come into danger in the organizations they work for. But because they see the flaws, they are also in a position of influence to help plug the gaps and prevent data leaks or mismanagement.
"Over the next year, we are expecting to see more IT professionals start to wave the flag for the protection of personal data within the organizations they work for. The GDPR presents a chance for IT to bring even more value to business, and to become a force for good data health within organizations, by enforcing the protection of the personal data in their care."
The research questioned over 2000 IT decision makers about their readiness for the GDPR, across the UK, France, Germany, Italy, Spain, Portugal, Netherlands, Belgium, Denmark, Sweden, and Norway.