Would tend to agree with this. Always challenging when new issues arise that boards haven't historically had to deal with as top of the agenda. Our GDPR and cyber team would love to help to bring awareness into the main board discussions.
Simon Morrissey, partner and head of the Data and Privacy practice group at Lewis Silkin confirms that “GDPR preparedness remains patchy. Regulated businesses such as those in the financial services sector and US businesses with operations in the EU are ahead of the curve. However, there are many businesses who are either adopting a wait and see attitude due to concerns about the commercial disadvantage and cost of over-compliance, whereas other businesses are not doing enough on the grounds of cost cutting.”