GDPR compliance issues giving IT executives sleepless nights

Manufacturers ill-prepared to meet cyber threats, finds survey

GDPR compliance issues giving IT executives sleepless nights

IT executives working in capital markets, wealth management and corporate banking sectors are struggling with budget cuts and staff shortages while implementing cyber security strategies that will be compliant with the upcoming General Data Protection Regulation.

The new data protection regulation, which will be implemented in the UK by way of a revamped data protection law, will come into force May 26th, but even though it is just a couple of months away, a large number of industries are still struggling to change their cyber security strategies to ensure compliance with the new law.

Budget cuts and staff shortages

According to a survey of over 200 IT executives carried out by IT consultancy firm Excelian, Luxoft Financial Services, budget cuts, and staff shortages have turned out to be the two biggest impediments that financial firms have to grapple with in order to ensure compliance with GDPR.

As per the survey results, 43% of IT executives across Europe are suffering sleepless nights while trying to decide how to shape their cyber security strategies with the limited time at hand. Even though a large majority (89%) of such executives agree with the fact that changing their cyber security strategy is a top priority, 55 percent of them are struggling with the lack of funds required to bring about such changes.

54% of IT executives also said that lack of training and learning opportunities held them back, while 26% cited skills shortage in their IT department as their biggest challenge. According to one in every four IT executives from across Europe, complicated internal processes are hindering their quest to change their strategies ahead of the GDPR's arrival.

“IT departments in banks are being pulled in two directions. Banks want to focus on digital innovation, but IT professionals feel unable to escape from the ever-present cyber threat. Budget cuts are leaving smaller teams with fewer spare hours in the day. Unable to plan ahead, they spend their days firefighting problems and upgrading legacy systems," lamented Marcin Swiety, Global Head of Luxoft’s Information Security practice.

"Most financial institutions want to capitalise on technologies like blockchain, AI and the cloud, but they are difficult to implement both securely and at pace. If we want to see digital transformations that are truly protected from the cyber threat, then institutions must find a way for IT departments to free up their time," he added.

More focus on efficiency & a fresh approach

Commenting on the multiple challenges faced by IT security executives, Chris Bown, Director, UK at Mendix, said that such executives working in the financial services sector have to constantly bring in new innovations, rolling-out and scaling new custom mobile and web applications. When IT teams feel they’re only able to spend less than half of their time on proactive work, this puts them in a really tough spot.

"Enabling real digital innovation requires CIOs to consider new tactics that can help IT keep pace. One approach is to adopt new technology such as low-code application development. Low-code doesn’t require extensive programing experience which speeds up the development process and makes it possible to transfer some of the workload to teams outside of IT.

"In our experience, organizations in the financial services sector who are working to embrace innovative application development create small teams who use an agile approach to quickly identify projects, build, test and iterate on the solutions. These projects span a variety of use-cases including improving internal operational efficiency, creating better customer experiences and launching new products," he said.

"With a majority of budget and effort spent on maintaining legacy systems, IT leaders need to incorporate new tools and methodologies to enable their team to maximize their remaining budget and resources on projects that will advance their business.

"This means new propositions can be rapidly built and taken to market in weeks or months, often rather than years. All of which helps IT to be more effective, especially when time and resources are limited," he added.

The following two tabs change content below.

Jay Jay

Jay has been a technology reporter for almost a decade. When not writing about cybersecurity, he writes about mobile technology for the likes of Indian Express, TechRadar India and Android Headlines


Get the latest cyber news in your inbox

Join our community of cyber professionals today!