GDPR three years on: 90 percent of security leaders concerned about data breach litigation

Published: Thursday, 27 May 2021 09:01

Research by Egress has found that 90 percent of security leaders are concerned about group legal settlements following a serious data breach. Launched to commemorate three years of GDPR, the research also found that almost half (47 percent) of consumers were likely to join a class-action lawsuit against an organization that had leaked their data, proving security leaders’ fears to be accurate.

In response, 91 percent of security leaders are turning to cyber insurance to protect themselves from financial exposure by either taking out new policies or increasing their cover because of GDPR.

The survey, independently conducted by OnePoll on behalf of Egress, interviewed 250 security leaders and DPOs in the UK and 2,000 UK consumers.

Other key findings include:

Egress CEO Tony Pepper comments: “The financial cost of data breach has always driven discussion around GDPR – and initially, it was thought hefty regulatory fines would do the most damage. But the widely unforeseen consequences of class action lawsuits and independent litigation are now dominating conversation. Organizations can challenge the ICO’s intention to fine to reduce the price tag, and over the last year, the ICO has shown leniency towards businesses, such as British Airways, letting them off with greatly reduced fines that have been seen by many as merely a slap on the wrist. With data subjects highly aware of their rights and lawsuits potentially becoming ‘opt-out’ for those affected in future, security leaders are right to be nervous about the financial impacts of litigation.”