Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Business > A QUARTER OF EUROPEAN FIRMS HAVE NO IDEA GDPR IS COMING THEIR WAY, SURVEY SHOWS

A QUARTER OF EUROPEAN FIRMS HAVE NO IDEA GDPR IS COMING THEIR WAY, SURVEY SHOWS

Published by Gbaf News

Posted on May 11, 2017

5 min read

Last updated: January 21, 2026

Travis Schreiber discussing the impact of financial reputation on businesses - Global Banking & Finance Review — Travis Schreiber, Director of Operations at Erase, emphasizes the importance of managing online reputation in finance. This image highlights the crucial link between financial missteps and consumer trust.

New consent rules, broadened European privacy rights, fines going up to millions of euros, as well as stricter procedures and public disclosure in cases of data breach – those are just some of the changes that will come into force as part of the General data protection regulation (GDPR) in May 2018.

Despite the significance of these changes, a large number of companies have no idea what is coming their way with little more than a year till the deadline. As demonstrated by an IDC Research survey* conducted on behalf of ESET, a quarter (25%) of the 700 surveyed European companies admitted they were not aware of GDPR and more than half (52%) of them were unsure of the impact on their organization.

Even after shifting the focus to those, which were aware of the regulation, the picture didn’t get much rosier. Every fifth (20%) firm in the survey hadn’t begun preparing for GDPR yet, and another almost 60% were still getting their systems in line with the new rules, leaving only 21% ready for the changes.

This is surprising, mostly in regards to the potential consequences businesses will face in case of non-compliance. Nowadays, costs of data breaches appear to remain in the lower six figure range, at least according to IDC Research’s surveying. A quick comparison with the coming penalties may put the near future into perspective.

35% of the organizations that suffered a data breach in the last two years, reported losses of between €25.000 and €250.000, and most (32%) put losses between €10.000 and €25.000. However, fines and rules on public disclosure imposed by GDPR can potentially increase financial risks after May 2018 to millions of euros.

The new regulation sets maximum fines to as high as €20 million or 4% of a company’s annual turnover if the company violates GDPR rules related to breaches of data protection principles, conditions for consent, customers’ or employees’ rights or international data transfers.

This means a significant increase in risk, but the regulation itself also suggests “proper means” that can help businesses mitigate them. Encryption is named as one of the technologies that can help protect data and ease some of the obligations.

Also, costs for implementing encryption at SMBs – starting around tens of euros per seat per year – are significantly lower than the potentially devastating fines companies face under GDPR.

In this regard, with only a year left until GDPR enters into force, IDC has also looked into the state of encryption and its use amongst the surveyed businesses. It found that file encryption has been implemented in 46% of the firms and is desired by 36%. Compared to that, full-disk encryption is reportedly in use in only 38% of the companies, and desired by a third of them (34%).

For more information on the General Data Protection Regulation, ESET has a dedicated page to help ensure that when the time comes, you have everything covered.

New consent rules, broadened European privacy rights, fines going up to millions of euros, as well as stricter procedures and public disclosure in cases of data breach – those are just some of the changes that will come into force as part of the General data protection regulation (GDPR) in May 2018.

Despite the significance of these changes, a large number of companies have no idea what is coming their way with little more than a year till the deadline. As demonstrated by an IDC Research survey* conducted on behalf of ESET, a quarter (25%) of the 700 surveyed European companies admitted they were not aware of GDPR and more than half (52%) of them were unsure of the impact on their organization.

Even after shifting the focus to those, which were aware of the regulation, the picture didn’t get much rosier. Every fifth (20%) firm in the survey hadn’t begun preparing for GDPR yet, and another almost 60% were still getting their systems in line with the new rules, leaving only 21% ready for the changes.

This is surprising, mostly in regards to the potential consequences businesses will face in case of non-compliance. Nowadays, costs of data breaches appear to remain in the lower six figure range, at least according to IDC Research’s surveying. A quick comparison with the coming penalties may put the near future into perspective.

35% of the organizations that suffered a data breach in the last two years, reported losses of between €25.000 and €250.000, and most (32%) put losses between €10.000 and €25.000. However, fines and rules on public disclosure imposed by GDPR can potentially increase financial risks after May 2018 to millions of euros.

The new regulation sets maximum fines to as high as €20 million or 4% of a company’s annual turnover if the company violates GDPR rules related to breaches of data protection principles, conditions for consent, customers’ or employees’ rights or international data transfers.

This means a significant increase in risk, but the regulation itself also suggests “proper means” that can help businesses mitigate them. Encryption is named as one of the technologies that can help protect data and ease some of the obligations.

Also, costs for implementing encryption at SMBs – starting around tens of euros per seat per year – are significantly lower than the potentially devastating fines companies face under GDPR.

In this regard, with only a year left until GDPR enters into force, IDC has also looked into the state of encryption and its use amongst the surveyed businesses. It found that file encryption has been implemented in 46% of the firms and is desired by 36%. Compared to that, full-disk encryption is reportedly in use in only 38% of the companies, and desired by a third of them (34%).

For more information on the General Data Protection Regulation, ESET has a dedicated page to help ensure that when the time comes, you have everything covered.