Total Tests:

A Year Later, Many Sites Are Still Failing To Meet Basic GDPR Requirements

By AJ Dellinger for Forbes
Saturday, June 1, 2019

Other issues are less prevalent, but open sites up to potential issues including data breaches and other exploits. Researchers found that nearly seven percent of all sites tested are using outdated or vulnerable content management systems (CMS), which could be leveraged by a malicious actor to gain access to sensitive information. Another six percent of websites failed to use HTTPS encryption, an essential requirement that ensures a connection between a user and website is secure. If a site does not use HTTPS encryption, there is no guarantee that information shared with the site won't be intercepted by an attacker.

"We can see laudable efforts aimed to improve web application security and adhere to GDPR requirements amid European companies," Ilia Kolochenko, CEO and Founder of ImmuniWeb said in a statement. "However, there is a long road before the majority of organizations start valuing actual security above paper-based compliance thereby providing users with the privacy and security they truly deserve."

Despite some organizations coming up short of the standards set by GDPR, the regulations largely appear to be working. The European Commission's Justice and Consumers department revealed there have been 89,271 reported data breaches since the rules have gone into effect. (Organizations are required to disclose any data breach within 72 hours of discovery or face fines under GDPR.) There have also been a reported €56 million (about $63 million) in fines issued in that time. Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential