GDPR Compliance and Fines May Affect Almost 80% of Organizations Surveyed


November 08, 2017 08:00 ET

GDPR Compliance and Fines May Affect Almost 80% of Organizations Surveyed

HyTrust survey finds most organizations with cloud infrastructure are unprepared for GDPR deadline with less than a year until enforcement

MOUNTAIN VIEW, CA--(Marketwired - November 08, 2017) - Today HyTrust, Inc., a leader in workload security solutions, announced findings from its latest cloud adoption survey conducted at VMWorld 2017. The survey of 323 respondents assessed deployment decisions for cloud infrastructure, containers and workload security along with risk and compliance from cloud deployments. The most significant result was the large number of companies that are not prepared for General Data Protection Regulation (GDPR) compliance that takes effect in May 2018.

The European Union (EU) regulation for data privacy not only applies to organizations located within the EU, but it will also apply to organizations located outside of EU member nations if they process and hold the personal data of residents within the European Union, regardless of the company's location.

Key findings regarding GDPR:

  • Only 21% of organizations are concerned about GDPR and have a plan in place.
  • Over half (52%) of the respondents say that their organization is either not concerned about GDPR or are unaware of its relevance for their business.
  • Over one quarter (27%) of respondents are concerned about GDPR, yet have no plan in place.

"If you think GDPR doesn't apply to your organization, think again," said Eric Chiu, founder and president, HyTrust. "The survey results were surprising, many organizations are unprepared or have not perhaps taken the time to assess the impact GDPR requirements may place on their cloud infrastructure. Most organizations today are very aware of their security risks but are not as far along with technology and processes to meet the GDPR compliance requirements, despite a May 2018 deadline that has significant fines for failure to comply."

GDPR non-compliance can lead to fines of up to 4% of annual revenue or 20 million Euros. Despite this, many organizations are unprepared. According to Gartner, on May 25, 2018, less than 50% of all organizations impacted will be fully compliant with GDPR.(1)

Cloud Platforms and Containers Survey Results

In addition to survey results regarding GDPR, HyTrust's 2017 survey also revealed findings on cloud platform deployments, risks, and containers:

Private/Public Cloud Workload Risks

  • The top risk for on-premises/private cloud infrastructure was "uncontrolled or unmonitored access by admins" (32%).
  • The top public cloud infrastructure risk was "malicious or accidental exposure of workload data" (30%).


  • Containers remain an area of active exploration with limited production deployments, which provides time for security professionals to architect and deploy security policy across multi-vendor, multi-cloud infrastructure. Only 12% of those surveyed described their container deployment as "production" while 75% are doing nothing or just beginning to evaluate.

Cloud Platform Deployments

  • Although the use of hybrid cloud infrastructures is getting more popular, 22% are not using public clouds at all.
  • Just under half (44%) have no hybrid cloud deployment and only 28% have a single vendor hybrid cloud deployment
  • Only 10% of organizations are not using encryption in public cloud, down from 28% last year.

The survey included respondents from key industries including: government/military, financial/ insurance, healthcare/biotech, manufacturing, transportation/shipping and technology.

For more information visit or download:

About HyTrust

HyTrust's mission is to make private, public and hybrid cloud infrastructure more trustworthy for enterprises, service providers and government agencies. HyTrust provides solutions that automate security controls for software-defined computing, networking and storage workloads to achieve the highest levels of visibility, granular policy control and data protection. HyTrust customers benefit from being able to accelerate cloud and virtualization cost savings while improving their security posture by automating and enforcing security policies in real time, adapting quickly to compliance requirements, and preventing unplanned outages.

Headquartered in Mountain View, CA, HyTrust is backed by the leading providers of strategic IT infrastructure including VMware, Cisco, Intel and Fortinet; by the vanguard of innovative solutions for the intelligence community, In-Q-Tel; and by a world class group of financial investors including AVP Growth, Epic Ventures, Granite Ventures, Sway Ventures, Trident Capital and Vanedge Capital.

(1) Gartner Says Organizations Are Unprepared for the 2018 European Data Protection Regulation

Contact Information