Extract from article Christian Buckley
Are companies underestimating the potential impact of the EU’s General Data Protection Regulation (GDPR) coming in 2018?
What we’re seeing is companies broadly falling into four pots: the Ostriches, the Swans, the Tree Frogs and the Lions.
The Ostriches are simply burying their heads and hoping the entire regulation simply does not apply to them — this seems to be true of many organizations based outside of the EU — they’re convinced there is ‘nothing to see here’ and are carrying on regardless.
The Swans are putting on a brave face whilst madly scrambling behind the scenes to pay the information ‘taxes’ they have not been paying as they go along. They’re trying to gather, audit, classify and generally get a grip on the information they have, why they have it and where it is. They’re the most engaged but they’ve got a sweat on behind closed doors.
The Tree Frogs are calm. They sit there on their branch just chirping ‘compliant!’ every few minutes. In some cases they do genuinely get it, they’ve been through the process to understand their compliance/risk position and they’re pretty chilled. In other cases, they just have not understood the obligations (and the risks) and think they’re all good — in many cases this belief has been driven by what they’re being told by IT partners and vendors, who are actually Ostriches ….
The final group — the Lions — are the ones that are just backed into a corner and are lashing out at anybody within paws reach. They hate the EU, they hate information, they hate consultants trying to help them — they’re lashing out while secretly hoping the whole thing will just go away.