Greater Focus on Privacy Pays Off for Firms
Posted in: Surveillance & Privacy at 28/01/2020 12:40
Privacy-mature companies complete sales more quickly, have fewer and less serious breaches, and recover from incidents faster, according to Cisco's annual survey.
Companies that invest in privacy see an average return of 270% on their investments, with seven out of 10 companies seeing significant benefits from their privacy expenditures, according to an annual survey published by Cisco today.
In addition, more mature companies — as measured by a five-point accountability score — saw greater returns on their privacy investments, with high-scoring companies seeing an average benefit of 3.1 times return, compared to low-scoring companies, which saw an average benefit of 2.3 times return, according to the "Cisco Data Privacy Benchmark Study 2020." The report, based on a survey of 2,500 security professionals familiar with their companies' privacy practices, underscores that privacy programs are no longer just about avoiding fines but about building trust with customers, says Robert Waitman, director of privacy insights and innovation at Cisco.
Cisco 2020 Data Privacy Benchmark Study Confirms Positive Financial Benefits of Strong Corporate Data Privacy Practices
- For the first time, the 2020 Data Privacy study, drawing from data from 2800 organizations in 13 countries shows return on investment(ROI) for privacy
- Seventy percent of organizations say they received significant business benefits from privacy beyond compliance—up from 40 percent in 2019
San Jose, Calif. – January 27, 2020 – Cisco, today, published its 2020 Data Privacy Benchmark Study, the company’s third annual look into corporate data privacy practices worldwide and shows growing tangible benefits for businesses that adopt strong privacy practices.
The Study is based on results from a double-blind survey of over 2,800 security professionals in organizations of various sizes across 13 countries. It provides deep insight into the state of privacy a year and a half after the effective date of the European Union’s General Data Protection Regulation (GDPR), widely considered a turning point on how organizations control and manage the use of personal data. Customer demands for increased data protection and privacy, the ongoing threat of data breaches and misuse by both unauthorized and authorized users, and preparation for the GDPR and similar laws around the globe spurred many organizations to make considerable privacy investments – which are now delivering strong returns. Key findings include:
- Majority of Organizations are Experiencing Very Positive Returns: Organizations, on average, receive benefits 2.7 times their investment, and more than 40 percent are seeing benefits that are at least twice that of their privacy spend;
- Operational and Competitive Advantages: Up from 40 percent last year, over 70 percent of organizations now say they receive significant business benefits from privacy efforts beyond compliance, including better agility, increased competitive advantage and improved attractiveness to investors, and greater customer trust;
- Higher Accountability Translates to Increased Benefits: Companies with higher accountability scores (as assessed using the Centre for Information Policy Leadership’s Accountability Wheel, a framework for managing and assessing organizational maturity) experience lower breach costs, shorter sales delays, and higher financial returns;
- Eighty-two Percent of Organizations see Privacy Certifications as a Buying Factor: Privacy certifications such as the ISO 27701, EU/Swiss-US Privacy Shield, and APEC Cross Border Privacy Rules system are becoming an important buying factor when selecting a third-party vendor. India and Brazil topped the list with 95 percent of respondents agreeing external certifications are now an important factor.
Cisco Vice President & Chief Privacy Officer Harvey Jang noted, “With this Study, we now have empirical evidence of privacy investments paying off for companies—particularly with improved customer relationships, revenue impact, and real bottom-line results.”
As markets continue to evolve, organizations should consider prioritizing their privacy investments on:
- Improving transparency about processing activities – be up front and clear about what you are doing with data and why.
- Obtaining external privacy certifications – ISO, Shield, CBPRs and BCRs have all become important factors in the buying process by streamlining vendor due diligence;
- Going beyond the legal bare minimum – privacy is a business imperative and most organizations are seeing very positive returns on their spend;
- Building strong organizational governance and accountability to be able to demonstrate to internal and external stakeholders your privacy program maturity.
To learn more about how Cisco manages personal data in its products and services, please see Cisco’s Data Privacy Sheets and Cisco’s Data Privacy Maps. The data maps provide a visual representation of how Cisco products collect and handle personal data.
Cisco (NASDAQ:CSCO) is the worldwide technology leader that has been making the Internet work since 1984. Our people, products, and partners help society securely connect and seize tomorrow's digital opportunity today. Discover more at newsroom.cisco.com and follow us on Twitter at @Cisco.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks.