Despite GDPR coming into effect just months ago, companies are still being lax with protecting customer data, and PR and marketing employees top the list as those least likely to know about their company’s security policy, according to research by telecommunications service provider 247meeting.
This is despite the fact that a quarter of employees have experienced either a data breach, cyber-attack or both, during their careers.
Key findings
The top five industries least likely to know where their security policy is saved
| Sector | Don’t know where security policy is saved |
| Marketing, advertising and PR | 64% |
| Hospitality and events management | 56% |
| Performing arts | 55% |
| Law enforcement and security | 52% |
| Publishing and journalism | 50% |
Top five sectors affected
| Sector | Experienced data breach | Experienced cyber-attack | Experienced both | (Combined) |
| Information research and analysis | 27% | 27% | 18% | 73% |
| Law enforcement and security | 7% | 48% | 10% | 66% |
| Environment and agriculture | 5% | 40% | 10% | 55% |
| Leisure, sport and tourism | 7% | 37% | 4% | 48% |
| Business, consulting and management | 17% | 13% | 8% | 38% |
The top five companies that haven’t been trained on GDPR
| Sector | Haven't been trained on GDPR |
| Hospitality and Events Management | 55% |
| Media and Internet | 45% |
| Marketing, Advertising and PR | 44% |
| Engineering and Manufacturing | 41% |
| Property and Construction | 40% |
Gavan Doherty, CEO of 247meeting says: “GDPR is of crucial importance for any company with access to customer data, however, it is something that many are still lacking in compliance with. All companies, brands and agencies need to prepare for something like a cyber-attack or data breach to fully ensure that customer and company data will be protected in these extreme cases.”
Discussing what companies should do, Doherty advises: “In light of the BA-hack scandal, doing simple practices like training employees on the importance of protecting data or having refreshers every quarter will help to remind workers of what they need to do in an emergency. In most cases of a hack, the communications team will need to inform the public on what is happening and as long as there is a plan put in place for this kind of event, customers will feel more at ease.”
Doherty concludes that protecting data is not just important for the IT division, PR employees must be made aware too: “As much as preventing hacks and breaches is crucial for a company’s IT team, having a crisis-response plan in place for such attacks is also crucial for comms teams.”
Methodology
The study surveyed 2,000 workers (in an office environment) on OnePoll to find out if any of their daily tasks were affecting the security in their workplace. These results are also broken down by age range, nearest city, sector, job level and working remotely.
If you enjoyed this article, sign up for free to our twice weekly editorial alert.
We have six email alerts in total - covering ESG, internal comms, PR jobs and events. Enter your email address below to find out more: