From: Computer Business Review
60% believe little guidance has been provided in run up to NIS and GDPR legislation.
Many European organisations are unprepared for and challenged by cost and complexity of compliance with new European Union security legislation.
Only 39% of France, Germany and UK indicated that they have all required measures in place for the NIS directive and less so for GDPR.
The proposed NIS (Network and Information Security) directive is set to be implemented in 2015 and will impose new security and incident reporting requirements on a broader range of private sector companies.
The GDPR (General Data Protection Regulation) legislation also has a due date of 2015, with compliance becoming mandatory in 2017.