Businesses struggle to fill cybersecurity jobs, despite higher budgets.

Companies have neglected identity theft protection to the point that the European Union has made it law to meet guidelines to protect our personal data.

But, half of companies are going to blow deadline to be Global Data Protection Regulation compliant, says a study from international law firm McDermott Will & Emory.

What is Global Data Protection Regulation?

All internet companies that operate in Europe or hold European clients’ personal data will have to meet set privacy standards by May 25, says a report from CNET. Companies that do not meet regulations may face penalties and fines.

The law firm had Ponemon Institute in Michigan poll more than 1,000 American and European information technology workers.

Forty percent say their companies expect to meet regulations past the deadline, the poll says. Another 8 percent aren’t sure. Three-fifths say GDPR will change the system their company has to collect, use and protect sensitive data. And 71 percent say failing to meet compliance could drastically affect their companies’ business deals globally.

“These findings reflect the demanding nature of GDPR and the anxiety around complying with it,” says McDermott partner Mark Schreiber. “A key issue here is prioritizing what can be done in the remaining time before that May deadline and acting on those high risk areas.”

Who’s worried?

Big tech companies like Facebook and Google are large targets — but aren’t the only type the European Union will keep an eye on. Hospitals, insurers, banks and companies that hold access to personal information are also on their radar. Sensitive data can grant a cyberthief access to your name, street address, credit card numbers, and other sensitive information to commit identity theft.

GDPR was approved by the European Union Parliament April of last year, according to its website. GDPR states that companies in the EU — in and out the continent of Europe — have to be transparent about how they handle customers’ sensitive data, NBC News reports.

Also, companies must warn customers of a data breach within three days, which has been the toughest change to make.

Eighty-three percent say that preparing for data breach notification is the most difficult obligation to meet, the study says. Sixty-eight percent say that failing to comply with the notification requirement is the greatest risk their company is facing.

Even with regulations, can we really feel safe from identity theft?

Good tech hacked

More companies have started to use internet-based storage for our personal information than saving it to a hard drive. A convenient way to store information is now a gold mine to cyberthieves.

Especially since most IT professionals can’t trust the employees at their jobs to protect this data, says a joint study from cloud business group Oracle and tax advisory company KPMG.

Eight in 10 IT professionals worry that employees won’t follow cybersecurity policies they’ve established to protect sensitive cloud information.

Cloud data insecurity is just one positive tech development used for evil purposes, according to cybersecurity company Norton. Others do exist — like botnets, a data theft tool hackers use.

“[Botnets are] connected computers performing a number of repetitive tasks to keep websites going,” a study from Norton antivirus says.  “These types of botnets are entirely legal and even beneficial to maintaining a smooth user experience on the Internet.”

But, some are maliciously coded by hackers.

There are 195,000 botnet threats everyday, says a study from telecommunication company CenturyLink. Threats that afflict 104 million internet servers, computers, smartphones and tablets.

When these cyberthieves get their hands on your personal information they can commit identity theft. The increase in crime has led to a rise in cybersecurity professionals hiring at businesses.

Help wanted: cybersecurity professionals

Companies have been increasing their cybersecurity budgets. They’re just having one problem, though. Good cybersecurity talent is hard to find.

Fifty-nine percent of information technology professionals say they have unfilled jobs at their company, says a study from technology association ISACA. This year only 54 percent of companies can fill these positions in three months — down 8 percent from last year.

Thirty-seven percent of security professionals said less than 25 percent of candidates for security positions were qualified, in 2017. This year, that number dropped to 30 percent. And 64 percent expect their cybersecurity budget to increase next year, up 14 percent from last year.

It’s not so much a matter of having the funds to hire new staff, it’s the ability to find qualified staff, according to ISACA CEO Matt Loeb.

“The available workforce lacks the skills organizations critically need,” Loeb says. “More of those dollars will need to be invested in technical cybersecurity training, along with effective retention programs. Practitioners who acquire and demonstrate hands-on technical cybersecurity skills will find themselves in significant demand.”

 

 

Meet the Author

Joe Pye

Joe Pye

Associate editor

Pye is the associate editor of Debt.com.

Tech

identity theft

Related Posts

Article last modified on September 20, 2018 Published by Debt.com, LLC . Mobile users may also access the AMP Version: Identity Theft: More Funding, More Problems - AMP.