GDPR compliance deadline is sooner than most think

EfficientIP has issued a warning for businesses as they prepare for the implementation of GDPR.

Last year’s industry studies reveal that it typically takes 99 days to detect a data breach, which gives hackers ample time to steal data without detection. This means that 15 February – 100 days before GDPR kicks in on 25 May – is actually the last day organisations can ensure real-world compliance with the new regulations.

As of 25 May, businesses will be held fully accountable for protecting their customers’ data, and failure may result in heavy fines. Cybersecurity experts have labelled 15 February ‘X-Day’, short for ‘exfiltration day’, as it is technically the last day companies can prevent data exfiltration attacks and not incur potentially catastrophic repercussions for their business.

EfficientIP research shows that 24% of businesses suffered data exfiltration in the past year, and most companies breached after 15 February will only discover the attack after GDPR is in force. They will only have 72 hours to publicly disclose the breach, and could suffer serious brand damage and loss of competitive advantage.

Well-prepared companies have a lot to be gained from GDPR, but the clock is ticking for those that aren’t.