This new functionality enables companies identify data collection that is not in compliance with the General Data Protection Regulation (GDPR). Addition of the analytics feature comes on the heels of RiskIQ’s own assessment of external data security threats to companies in the US and Europe.

To assess the threats, the company searched each company’s entire portfolio of assets just as a bad actor would, looking for security risks that could be exploited or that were in breach of the GDPR. RiskIQ’s review of the banks’ data security revealed an average of 1,891 insecure login forms; 1,663 pages collecting PII insecurely; 1,326 EU first-party cookie violations; and 1,265 EU third-party cookie violations.

Furthermore, its analysis of Europe’s top 30 companies found that 33% had web pages that collected EU personal data in violation of GDPR. Similar analysis conducted on 25 of the 50 largest US banks discovered that 68% had significant security gaps in Personally Identifiable Information (PII) collection. Also, in the company’s analysis of the 30 top European companies, RiskIQ found almost 100,000 web-facing pages.

Once the risks to GDPR are assessed, RiskIQ sends mitigation recommendations to their clients. With the May 2018 deadline for GDPR compliance fast approaching, expect to see more third-party compliance tools and services launching.