MircoWarehouse Survey Reveals Large Irish Firms Invested Heavily in Preparation for GDPR

A survey by IT firm MicroWarehouse has revealed that 20% of large Irish companies had not only utilized the time given to prepare for GDPR wisely but also that they went as far as hiring an interim CISO or engaging with a GDPR accelerator in order to be compliant when the legislation became enforceable on May 25.

The result of the survey showed that approximately four in every 10 larger firms in Dublin spent more than €20,000 in preparing for the introduction of the European Union data protection legislation while nine out of 10 Small and Medium Enterprises (SMEs) spent €5,000. At the opposite end of the scale, almost 90% of SMEs invested €5,000 getting ready for the May 25 deadline. The survey was conducted via face-to-face interviews with 100 chief information officers and IT leads in companies across Dublin.

Speaking on behalf of MicroWarehouse, Technical Sales Lead Aidan Finn commented: “The research indicates that little or no difference has been recorded to the day- to-day operations of companies surveyed. It also highlights the costs associated with becoming GDPR compliant, which is particularly onerous on SMEs who are subject to the same regulations as larger companies. In relation to cybersecurity and hacking, we were shocked to learn that security of data is so far down the agenda at a senior management level. Particularly in an era of cybercrime and data leaks, one would think ensuring the security of your network would be in the company’s best interest.”

Other interesting revelations brought to light by the results of the survey included:

  • 7% of companies do not think the introduction of GDPR has made any difference to their day-to-day operations
  • 33% of companies said that amendments to data breach procedures were the most common steps taken following the introduction of GDPR
  • 13% of firms said cybersecurity was one of the main priorities for their company
  • 33% a third stated that cybersecurity is never discussed at management level

If companies fail to comply with GDPR, they can be fined up to 4% of annual global turnover, or €20m, whichever figure is higher.