The key finding of the survey is that while over 90% of the respondents indicated they are familiar with the GDPR, 32% believe they are compliant or on their way to compliance. Moreover, almost 30% of surveyed companies reported a need to make substantial changes to security practices and technology to be in compliance with GDPR policies.

Other important results:

• The most challenging in becoming compliant is the lack of budget (32%), limited understanding of the regulation (29%), and lack of expert staff with critical skills (28%);

• The most important initiative in meeting GDPR compliance is to make an inventory of user data and map it to protected GDPR categories (49%), with the next most significant initiative to design applications and databases to have privacy enabled by default (31%);

• 65% of organizations where GDPR compliance is a top priority already have or plan to have a Data Protection Officer (in-house or outsourced).

The study is sponsored by STEALTHbits Technologies and is based on input from 530 global cybersecurity professionals who are members of the 370,000 member Information Security Community on LinkedIn.