From the IBM Institute for Business Value

Share this page

Share this page

A catalyst for change

It is said that innovation and creativity can flourish under intense pressure and constraint – GDPR compliance could present organizations with this type of opportunity. For most, preparations are still in motion, but as we move past the compliance date, a new phase begins. One critical question: can organizations turn a compliance challenge into an occasion to advance their digital efforts? Our research has identified a small group of leaders who say they will be fully compliant with GDPR by the enforcement date and view it as a catalyst for change. This report explores how they are approaching security, privacy, data and analytics, and customer engagement, and how their efforts could drive future success.

Featured findings

Only 36% of surveyed executives say they will be fully complaint with GDPR by the enforcement date
59% of respondents see GDRP as an occasion for transformation or a spark for new date-led bussiness models
compared to the rest of our study sample, 3X as many GDRP leaders report having a fully committed organization and 6x report very strong internal collaboration
96% of GDRP leaders agree that proof of compaliance with GDRP will be viewed as a positive differentiador by the public.

About the authors

Cindy Compert

Cindy Compert
Distinguished Engineer and Security CTO,
Data Security and Privacy, IBM Security

Richard Hogg

Richard Hogg
Global GDPR & Governance Offerings Evangelist, IBM Hybrid Cloud

David Jarvis

David Jarvis
Security & CIO Lead, IBM Institute for Business Value,
Global Business Services

Read related IBM publications

IBM Cybersecurity and Privacy Research

IBM Cybersecurity and Privacy Research

Top performers share how they are moving quickly

Cybersecurity in the cognitive era

Cybersecurity in the cognitive era

Priming your digital immune system

Beyond the boom

Beyond the boom

Improving decision making in a security crisis

Choose a channel to access
IBV thought leadership 

Follow IBV

Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsible for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients’ business and any actions the clients may need to take to comply with such laws and regulations. The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. IBM does not provide legal, accounting or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation. Learn more about IBM’s own GDPR readiness journey and our GDPR capabilities and offerings to support your compliance journey at www.ibm.com/gdpr.