Almost a third of UK CIOs and more than a quarter of other C-level IT decision makers can’t describe GDPR or specify how their firm complies, according to a survey by security firm Bitdefender. In addition, high percentages of CSOs and CISOs would rather risk fines than initiate a complex implementation process.