Kroll’s report reveals businesses struggle with global cyber and data privacy regulations. Many lack preparedness, despite increasing AI adoption and cyber threats.
Governments around the world have responded to cyber risks by imposing new security and privacy regulations on businesses, but Kroll’s report finds that many businesses remain uncertain about their ability to comply with these new rules.
“When it comes to addressing the patchwork of global data privacy laws and the impact on their businesses, just 12% of respondents globally ranked their organizations as ‘extremely prepared,’” Kroll said in its report. The average business gave itself a 7.4 score out of 10.
The European Union has enacted some of the strictest privacy regulations, but European companies were the least confident, on average, in their compliance capabilities, with an average score of 6.7. Kroll said the lower score “likely reflects a greater awareness of compliance challenges,” as multinational companies study “new U.S. privacy requirements [coming] online at the state level.”
“European companies operating internationally are increasingly concerned about the changes they’ll need to make to their existing privacy programs to stay compliant,” Tiernan Connolly, a managing director in Kroll’s Europe, Middle East and Africa cyber- and data-resilience practice, said in the report.
Also Read: Are VPNs Now the Weak Link in Enterprise Security?
Financial-services firms and technology companies reported the highest level of preparedness among industries, with an average score of 7.7, which Kroll attributed to the fact that they both regularly handle sensitive data.
Kroll’s survey contains an important and worrying data point about companies that reported compliance concerns: “Of those concerned, less than half have increased budgets, expanded teams, upskilled their workforce or hired external experts to prepare for the cyber and data privacy challenges ahead,” the report said.
When it comes to companies’ growing adoption of artificial intelligence, 93% of respondents in the survey said they had integrated AI into their businesses, with 50% saying they were using it for cybersecurity and IT.
Also Read: Can NIST’s New Guide Boost Global DNS Security?
But many of these companies are still improvising when it comes to adding AI to their systems. “Of those already using AI, 63% do not have AI transparency or explainability efforts in place,” Kroll said, “and 59% have not implemented any AI policies and guidance for employees.”
