A recent study has discovered a shocking lack of GDPR awareness among UK businesses, even in the boardroom, with the punishing regulation merely months away.

Research found that only 10 per cent of UK boardrooms are involved in the compliance process at this crucial moment, while 73 per cent of UK businesses do not know the full potential extent of GDPR fines.

Shockingly, this research from Trend Micro also exposes that 56 per cent of UK businesses do not know that email marketing databases count as personal information that requires robust protection.

Combined with this lack of GDPR understanding, 88 per cent of UK businesses express confidence that their data security measures are first rate, and cannot be further improved.

Rik Ferguson, VP Security Research at Trend Micro, said: “The lack of knowledge demonstrated in this research by enterprises surrounding GDPR is astounding. Birth dates, email addresses, marketing databases and postal addresses are all critical customer information, and it’s concerning that so many British businesses – despite their confidence – are unaware of that… If businesses aren’t protecting this data, they aren’t respecting the impending regulation – or their customers – and they definitely aren’t ready for GDPR.”

While the Trend Micro research presents troubling statistics, the recruitment specialist Robert Half recently released findings showing a spike in hiring from UK CIOs to bolster teams in preparation for the arrival of GDPR.

READ MORE: GDPR and market boom to send IT security spending soaring – Gartner

“With just nine months to go before it comes into force, GDPR should be the biggest boardroom issue of the moment. But the findings suggest it’s the elephant in the British boardroom. If organisations don’t take the regulation seriously, they could be subject to a fine that’s a significant portion of global revenue. The task for the C-Suite now is to see GDPR as a business issue rather than a security issue, before it gets to that stage,” said Ferguson.