Financial services organisations still unsure about data protection laws despite spending £79m on compliance

Data security laws continue to be a problem for businesses despite the millions they have spent on compliance, according to a new study from security company Tanium.

Having polled 750 IT decision makers, including 89 from financial services firms, Tanium found that more than nine out of ten companies have fundamental IT weaknesses that leave them vulnerable and potentially non-compliant.

That is despite the researchers finding that financial services organisations have spent on average £79m to comply with the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and other data privacy regulations over the past 12 months alone.

Those costs include the 81% of organisations that have hired new staff, 83% that have trained their staff and 77% that have introduced new tech to ensure compliance.

“While it’s encouraging to see global businesses investing to stay on the right side of data privacy regulations, our research suggests that their good work could be undermined by inattention to basic IT principles,” said Chris Hodson, chief information security officer at Tanium. “Many organisations seem to have fallen into the trap of thinking that spending a considerable amount of money on GDPR and CCPA is enough to ensure compliance. Yet without true visibility and control of their IT assets, they’re leaving a backdoor open to malicious actors.”

Copyright © 2018 RegTech Analyst
