Cyber Security

Whitepaper claims GDPR will spark lean data revolution

6th March 2018
BDO
Alice Matthews
0

In its new whitepaper, BDO calls on enterprises to replace box ticking with P&L (profit and loss) thinking when it comes to GDPR. BDO demonstrates how mature information security and data privacy programmes can enhance the professionalism of a company’s employees and reinforce an organisation’s public reputation and recalls that the cost of ‘bad’ data is estimated to cause between 15% and 25% loss of income for most companies.

Organisations still do not have the processes to assess cyber risk and its business impact. While 79% of public company boards are more involved with cyber security now than they were 12 months ago , still 23% of corporate directors do not even know if they have a cyber breach/incident response plan in place. Only half (52%) of organisations are set up for regular cyber security risk assessments and not more than 40% of organisations are able to assess vendor risk . 

Article 32 - ‘security requirements’ of GDPR requires organisations be more structured and formal in their protection of personal information and demands. The investments and resources allocations that this demands will see organisations end up streamlined performance and reduced data management costs – essentially a lean data revolution, meaning:

  1. GDPR requires ‘data minimisation’ - only collecting, using and retaining what is necessary for processing. The discarding of extraneous and expired information.
  2. Controlling data costs - This is in stark contrast with the ‘gather it all and sort it out later’ or ‘keep everything indefinitely - just in case - because storage is cheap’ philosophies that many businesses have accidentally adopted.
  3. Dormant data - Perhaps more importantly, with the GDPR transformation expected to purge the ‘haystack’ of expired, extraneous information, staff will find the ‘needle’ they need faster and be less apt to use outdated information to support decisions – ‘bad’ data leading to a 15-25% loss of income for most companies .

Companies preparing for GDPR should think beyond penalty avoidance. GDPR is a springboard, a process in which companies transform and build a stronger foundation for both execution and strategy. Enterprises should expect to lower the cost of infrastructure, operations and to unlock information to support business decisions.

A clear picture of data flows provides insight for improvement: safer, more efficient and less costly operations. We will see that GDPR preparations lay the foundation for an organisation’s digital future, identifying new growth opportunities, trough not big data but lean data.

Featured products

Upcoming Events

View all events
Newsletter
Latest global electronics news
© Copyright 2024 Electronic Specifier