Just six months on from the implementation of the General Data Protection Regulation (GDPR), new research from Thales eSecurity has revealed that more than two thirds (69%) of consumers would consider legal action against any company that failed to manage their data properly under GDPR.
The company surveyed 1,000 UK consumers and 250 IT decision makers to discover that 86 per cent of consumers would consider switching to another company after a data breach and 35 per cent stated that a data breach under GDPR would 'definitely' give them a negative perception of the a company.
Surprisingly 17 per cent of UK consumers said they still had not heard of the regulation compared to just nine per cent in Germany. However, a quarter (25%) of people in both regions revealed that they could not explain what GDPR is.
Thales eSecurity also questioned members of the C-Suite as to whether their organisation was prepared for the legislation in time for the May deadline and 84 per cent of businesses reported being 'completely' ready with 11 per cent being somewhat prepared. The manufacturing and utilities industries had the highest preparedness rates at 91 per cent while retail had the lowest across both countries at 78 per cent.
Cost to businesses
UK businesses also ranked second when it came to financial investment into preparing for GDPR. Spending in the UK averaged £86,806 while German organisations invested an average of €210,653.
Only three out of ten enterprises across the UK spent over £10,000 preparing for the regulation whereas more than half did the same in Germany. On the other end of the scale, 16 per cent of German organisations invested between €500,000 to €1m to become compliant compared with just five per cent of organisations across the UK.
GDPR has also affected how enterprises interact and engage with third-parties with 38 per cent admitting to completely changing their security policies with contractors or vendors while 24 per cent partially changed their policies.
- We've also highlighted the best VPN