GDPR compliance issues giving IT executives sleepless nights
23 March 2018 |
IT executives working in capital markets, wealth management and corporate banking sectors are struggling with budget cuts and staff shortages while implementing cyber security strategies that will be compliant with the upcoming General Data Protection Regulation.
The new data protection regulation, which will be implemented in the UK by way of a revamped data protection law, will come into force May 26th, but even though it is just a couple of months away, a large number of industries are still struggling to change their cyber security strategies to ensure compliance with the new law.
Budget cuts and staff shortages
According to a survey of over 200 IT executives carried out by IT consultancy firm Excelian, Luxoft Financial Services, budget cuts, and staff shortages have turned out to be the two biggest impediments that financial firms have to grapple with in order to ensure compliance with GDPR.
As per the survey results, 43% of IT executives across Europe are suffering sleepless nights while trying to decide how to shape their cyber security strategies with the limited time at hand. Even though a large majority (89%) of such executives agree with the fact that changing their cyber security strategy is a top priority, 55 percent of them are struggling with the lack of funds required to bring about such changes.
54% of IT executives also said that lack of training and learning opportunities held them back, while 26% cited skills shortage in their IT department as their biggest challenge. According to one in every four IT executives from across Europe, complicated internal processes are hindering their quest to change their strategies ahead of the GDPR's arrival.
“IT departments in banks are being pulled in two directions. Banks want to focus on digital innovation, but IT professionals feel unable to escape from the ever-present cyber threat. Budget cuts are leaving smaller teams with fewer spare hours in the day. Unable to plan ahead, they spend their days firefighting problems and upgrading legacy systems," lamented Marcin Swiety, Global Head of Luxoft’s Information Security practice.
"Most financial institutions want to capitalise on technologies like blockchain, AI and the cloud, but they are difficult to implement both securely and at pace. If we want to see digital transformations that are truly protected from the cyber threat, then institutions must find a way for IT departments to free up their time," he added.
More focus on efficiency & a fresh approach
Commenting on the multiple challenges faced by IT security executives, Chris Bown, Director, UK at Mendix, said that such executives working in the financial services sector have to constantly bring in new innovations, rolling-out and scaling new custom mobile and web applications. When IT teams feel they’re only able to spend less than half of their time on proactive work, this puts them in a really tough spot.
"Enabling real digital innovation requires CIOs to consider new tactics that can help IT keep pace. One approach is to adopt new technology such as low-code application development. Low-code doesn’t require extensive programing experience which speeds up the development process and makes it possible to transfer some of the workload to teams outside of IT.
"In our experience, organizations in the financial services sector who are working to embrace innovative application development create small teams who use an agile approach to quickly identify projects, build, test and iterate on the solutions. These projects span a variety of use-cases including improving internal operational efficiency, creating better customer experiences and launching new products," he said.
"With a majority of budget and effort spent on maintaining legacy systems, IT leaders need to incorporate new tools and methodologies to enable their team to maximize their remaining budget and resources on projects that will advance their business.
"This means new propositions can be rapidly built and taken to market in weeks or months, often rather than years. All of which helps IT to be more effective, especially when time and resources are limited," he added.
Latest posts by Jay Jay (see all)
- 52% of UK schools and colleges are still not fully GDPR compliant - 23rd April 2019
- EU Parliament adopts centralised biometric database to monitor migrants - 23rd April 2019
- UK businesses suffered nearly 120,000 cyber attacks each in Q1 2019 - 19th April 2019
- Supreme Court allows Morrisons to appeal data breach verdict - 19th April 2019
- Facebook “unintentionally” imported email contacts of over 1.5 million users - 18th April 2019