1) One year after the GDPR went into effect, most organizations were still not compliant. Only 45% of IT executives claimed their organizations consistently applied encryption strategies. 2) There has been a two-fold increase in the number of annually reported data breach notifications since GDPR and 91 GDPR-related fines have been given in the first 8 months. 3) The largest GDPR fine to date was €50 million imposed on Google and 18 investigations are underway by Ireland's data protection regulator for many tech companies.