The General Data Protection Regulation
and the Data Privacy Officer
A survey of 310 cyber security professionals
S U R V E Y
Taken during Infosecurity Europe, June 2017
Article 37 of the General Data
Protection Regulation requires
any organization processing
personal data on a large scale
to retain an independent data
protection officer (DPO).
Is your company preparing for the General Data
Protection Regulation (GDPR) ?
Does your company have a Data Protection Officer (DPO)?
Second half of 2018
First half of 2018
If you don’t already have a DPO and plan on
hiring one, when will you hire?
Yes, in the next
year or two
Yes, in three to
Do you think that technology in the form of AI or machine
learning solutions will help tackle the DPO workload?
The fact that a high percentage of
respondents said they had already hired
a DPO is encouraging. GDPR will rear its
head in ways that nobody predicted, so
engaging early and being ready for every
possibility is absolutely crucial.”
— Terry Ray, Imperva CTO