POST Online Media Lite Edition


Organisations are not doing enough to protect data privacy

Staff Writer |
In today’s data-driven society, privacy, security and trust are more vital and intertwined than ever before.

Article continues below

But many organisations are not doing all they can to protect data privacy, according to new findings released today from PwC PwC’s 2018 Global State of Information Security® Survey (GSISS).

Less than half of respondents (49%) say their organisation limits collection, retention, and access of personal information to the minimum necessary to accomplish the legitimate purpose for which it is collected.

Only 51% of respondents have an accurate inventory of where personal data for employees and customers are collected, transmitted, and stored. And only 53% require employees to complete training on privacy policy and practices.

When it comes to third parties who handle personal data of customers and employees, less than half (46%) conduct compliance audits to ensure they have the capacity to protect such information.

And a similar number (46%) say their organisation requires third parties to comply with their privacy policies.

The survey draws on responses of 9,500 senior business and technology executives from 122 countries.

Businesses in Europe and the Middle East generally lag behind those in Asia, North America, and South America in developing an overall information security strategy and implementing data-use governance practices, according to 2018 GSISS findings.

Senior executives recognize the rising stakes of cyber insecurity. In PwC 21st Global CEO Survey, cyber threats entered the top 5 threats to growth for the third time, with 40% of CEOs saying they were extremely concerned about this, up from 25% last year.

There is some cause for optimism. 87% of global CEOs say they are investing in cybersecurity to build trust with customers. Nearly as many (81%) say they are creating transparency in the usage and storage of data. But less than half say they are taking these actions “to a large extent.”

And more worrying is that less than a third of African CEOs and nearly a quarter of North American CEOs (22%) say they are “not at all” creating transparency in the usage and storage of data.

What to read next

Organisations in EMEA take proactive security stance
Quarter of American accessing internet via free public Wi-Fi
Internet trust at all time low, says Internet Society