Both small and medium businesses (SMBs) and large enterprises in Asia Pacific lack general awareness of the requirements of the European Union's new General Data Protection Regulation (GDPR).
These organisations don't know how to prepare for it, and are unaware of the impact of non-compliance on data security and business outcomes, according to Dell's research.
The new regulation goes into effect in May 2018 and affects companies of all sizes, in all regions, and in all industries.
These regulations are designed to strengthen protection of personal data for all EU citizens, and those not fully compliant when GDPR goes into effect risk significant fines, potential breaches and loss of reputation.
"This survey reinforces the global lack of general understanding of GDPR, the scope of the regulation, and what organizations need to do to avoid stringent penalties," said Lennie Tan, Sales Director, Identity and Access Management, Dell APJ. "Results also show that while some organisations "think" they are prepared, they will be in for a rude awakening if they experience a breach or must face an audit and are subject to the consequences of non-compliance with GDPR."
Although the majority of APAC IT and business professionals' express compliance concerns, about 90 percent of respondents know few details or nothing about GDPR.
Less than one in three companies feel they are prepared for GDPR today.
Seventy-one percent of IT and business professionals in APAC region are not nor don't know if their company is prepared for GDPR today, and only 7 percent of these respondents have a plan for readiness.
Nearly all APAC companies (93 percent) don't have a plan in place when GDPR kicks off in 2018.
"Both European organisations and those outside of Europe that do business there must adopt an adaptive, user-centric, layered security model approach around the tenets of prevent, detect, respond and predict," said Eric D'Angelo, regional sales director, Asia Pacific, Dell Security. "To be GDPR-compliant, they need security solutions that enable them to prevent attacks, detect a potentially dangerous presence in their networks, respond quickly to that threat, and analyze and report on the health of their networks in real time."
Sign up for CIO Asia eNewsletters.