The benefits of the upcoming GDPR will depend greatly on how the rules are enforced in real-life applications, according to a leading cybersecurity firm.
CyberArk CEO Udi Mokady believes that there is a difference between not adhering to "basic cyber hygiene" and not corresponding to what the GDPR governing body believes is a "reasonable" level of protection of data.
"We see some firms that simply do not have basic cyber hygiene when it comes to managing their systems and their data," he told Independent.ie.
"But, what if a firm who is trying to adhere to the standards set out? Will they be penalised the same? There are potential benefits but we'll have to see how the rules are enforced".
General Data Protection Regulation (GDPR) come with potential fines of up to €20m or 4pc of a company's global turnover, a penalty that could put many out of business.
The Irish data protection commissioner Helen Dixon has previously warned Irish companies that there will be no second chances for non-compliance of GDPR.
The new rules are due to take effect in less than four months' time, on May 25, but Mr Mokady believes that some firms are hoping for the deadline to be pushed out further.
"Corporate awareness in terms of cyber security has changed dramatically. With new SEC and GDPR rules, companies are being forced to disclose breaches and board members are now asking the questions," he said.
"Nonetheless, while US companies are starting to realise that this doesn't just concern Europe and are having the conversation now, some firms are hoping for extensions to the deadlines".
CyberArk has offices in the US, Israel, Australia, France, Germany, Italy, Netherlands, Singapore, Turkey and the UK.