GDPR causing spending delays

The hope with GDPR was that the rush to become compliant would create a bit of a bonanza for those selling security, data management and authentication tools.

There have been enough headlines about it and talk of the looming May deadline cannot have passed many people by but Cisco might have unearthed some worrying developments.

far from rushing into buying fresh technology Cisco's Privacy Maturity Benchmark Study found that two thirds of those businesses quizzed were reporting sales delays because of customer data privacy concerns.

Some of the public sector verticals, including health and government, are suffering the longest delays because of the stricter standards they are working towards.

The Cisco study also exposed the level of losses with what the vendor termed as "privacy-immature" companies being hit the hardest.

"This research demonstrates that good privacy is good for business, and organizations need to invest in data privacy governance and process to reap the benefits," said Michelle Dennedy, chief privacy officer at Cisco.

A lot of the concerns stem from doubts that products and services purchased will have the privacy protections that are required under GDPR.

As well as delaying spending it also reveals the levels of confusion that still exist around just what will be required to become compliant.

Research from  Clearswift looked at the preparations for GDPR in the UK, US, Germany and Australia found that only 21% of middle management felt they were ready for the compliance regulations.

The firm found a disconnect between the board and middle management, with the more senior executives more optimistic about the ability to take right to be forgotten requests.

“Middle management is more likely to have a better view of the data that their organisation holds – where it is saved and how it is being used – because they are more familiar with the day-to-day operations and challenges that staff may encounter," said Dr Guy Bunker, svp products at Clearswift.

“GDPR can be the first step towards better information governance: GDPR compliance is about being able to recognise a particular data set and protect it accordingly. The same processes and technology can be used to protect other types of information that are valuable to your organisation. For example, product design documents, price lists, patent applications and even information around service pricing and contract bids," he added.