By browsing this site, you are agreeing to our cookie policy. More Information

Guidance Software Releases General Data Protection Regulation (GDPR) Survey Results

News | May 23, 2017

Study finds majority of companies are behind schedule preparing for new regulation

PASADENA, Calif. – May 23, 2017 Guidance Software, the makers of EnCase®, the gold standard in forensic security, today announced at Enfuse 2017 the results of a survey of companies on the General Data Protection Regulation (GDPR). Set to go into effect on May 25, 2018, GDPR requires all organizations doing business in EU member countries to comply with new regulations governing the data privacy rights of EU citizens.

“With nearly 5 billion data records exposed in the past 4 years alone there is a clear trend toward stronger protection of consumer data, and GDPR is a major first step in that direction,” said Anthony Di Bello, Senior Director, Products, Guidance Software. “This data suggests that many organizations are, on the whole, behind schedule for compliance. Security leaders must make GDPR a priority over the next year in order to avoid major financial penalties.”

Highlights of the Guidance Software survey include:

  • Companies are not far along with GDPR planning: Only 15.7% of companies surveyed are in advance planning for GDPR, while 24% of organizations say they will not be ready by the May 2018 deadline.
  • Bigger companies are further along: 43% of organizations with $1 billion or more in revenues currently have processes that can identify data records of any EU citizen and determine where that data is being processed. This compares to 26.8% of organizations with less than $100 million in sales.
  • Top 3 activities to be GDPR compliant: For all companies, the top 3 activities to become GDPR compliant are:
    • Use/maintain policies/procedures for the anonymization and de-identification of personal data (24.9%).
    • Conduct a full audit of EU personal data manifestation (22.8%).
    • Use US Cloud repositories implemented with EU encryption (21.4%).
    • Evaluate all third-party operational partners that access personal data transfers (21.4%).
  • Identifying data records of EU citizens: More than half of companies surveyed have not yet begun to evaluate third-party products or developer processes to identify data records of EU citizens.
  • Hiring Data Protection Officers: When asked to prioritize the recruiting and training a qualified Data Protection Officer, 23.7% named it a high priority; 18.1% named it a medium priority; and 15.4% named it a low priority.

Survey Methodology
The survey questioned 225 senior-level IT security executives from the US and UK in April 2017.


About Guidance Software
Guidance (NASDAQ: GUID) exists to turn chaos and the unknown into order and the known-so that companies and their customers can go about their daily lives as usual without worry or disruption, knowing their most valuable information is safe and secure. The makers of EnCase®, the gold standard in forensic security, and EnForce™, an automated cyber risk management platform, Guidance provides a mission-critical foundation of market-leading applications that offer deep 360-degree visibility across all endpoints, devices and networks, allowing proactive identification and remediation of threats.

From retail to financial institutions, our field-tested and court-proven solutions are deployed on an estimated 33 million endpoints at more than 70 of the Fortune 100 and hundreds of agencies worldwide, from beginning to endpoint.

For more information about Guidance Software, please visit, "Like" our Facebook page, follow us on Twitter, or follow our LinkedIn page.

Guidance Software®, EnCase® and EnForce™ are trademarks owned by Guidance Software and may not be used without prior written permission. All other trademarks and copyrights are the property of their respective owners.


Austin DeArman
O: 626-768-4641
M: 202-341-9181