A new report from Gemalto claims Australian organisations may be falling short when it comes to compliance with data security regulations.

The company today released its fifth annual Data Security Confidence Index. The report is based on a global survey of 1050 IT decision makers and 10,500 consumers — including 100 Australian IT decision makers and 1000 Australian consumers.

Globally, 60 per cent of the IT decision maker respondents claimed that their organisation had policy and procedures in place to ensure that sensitive information is protected in line with government legislation.

However, when it came to Australia, only 48 per cent indicated their compliance measures were up to scratch.

Some 92 per cent of Australian organisations indicated that they are finding it difficult to remain compliant with data regulations.

Australian organisations have recently been faced with two major new regulatory changes relating to data. One is the European Union’s General Data Protection Regulation (GDPR), which came into effect on 25 May. Although it’s an EU regulation, Australian businesses that have European customers are affected by it.

In February, Australia’s data breach notification regime took effect, obliging most major Australian businesses to notify their customers and the Office of the Australian Information Commissioner of serious data breaches.

When it came to analysing data effectively, Australian organisations fared better in the Gemalto report. Forty-seven per cent of Australian respondents indicated they believed their organisation was highly effective when it comes to analysing the data they collect, ranking second overall behind Indian IT decision makers.

“If businesses can’t analyse all of the data they collect, they can’t understand the value of it – and that means they won’t know how to apply the appropriate security controls to that data,” Jason Hart, vice president and CTO for data protection at Gemalto, said in a statement.

Source: Computer World