• Global study shows benefits from data privacy averaging 2.7 times investment
• For the first time, the 2020 Data Privacy study, drawing from data from 2800 organizations in 13 countries shows return on investment (ROI) for privacy
• Seventy percent of organizations say they received significant business benefits from privacy beyond compliance—up from 40 percent in 2019
Cisco, recently, published its 2020 Data Privacy Benchmark Study, the company’s third annual look into corporate data privacy practices worldwide and shows growing tangible benefits for businesses that adopt strong privacy practices.
The Study is based on results from a double-blind survey of over 2,800 security professionals in organizations of various sizes across 13 countries. It provides deep insight into the state of privacy a year and a half after the effective date of the European Union’s General Data Protection Regulation (GDPR), widely considered a turning point on how organizations control and manage the use of personal data. Customer demands for increased data protection and privacy, the ongoing threat of data breaches and misuse by both unauthorized and authorized users, and preparation for the GDPR and similar laws around the globe spurred many organizations to make considerable privacy investments – which are now delivering strong returns.
Key findings include :
- Majority of Organizations are Experiencing Very Positive Returns : Organizations, on average, receive benefits 2.7 times their investment, and more than 40 percent are seeing benefits that are at least twice that of their privacy spend;
- Operational and Competitive Advantages : Up from 40 percent last year, over 70 percent of organizations now say they receive significant business benefits from privacy efforts beyond compliance, including better agility, increased competitive advantage and improved attractiveness to investors, and greater customer trust;
- Higher Accountability Translates to Increased Benefits : Companies with higher accountability scores (as assessed using the Centre for Information Policy Leadership’s Accountability Wheel, a framework for managing and assessing organizational maturity) experience lower breach costs, shorter sales delays, and higher financial returns;
- Eighty-two Percent of Organizations see Privacy Certifications as a Buying Factor : Privacy certifications such as the ISO 27701, EU/Swiss-US Privacy Shield, and APEC Cross Border Privacy Rules system are becoming an important buying factor when selecting a third-party vendor. India and Brazil topped the list with 95 percent of respondents agreeing external certifications are now an important factor.
Cisco Vice President & Chief Privacy Officer Harvey Jang noted, “With this Study, we now have empirical evidence of privacy investments paying off for companies—particularly with improved customer relationships, revenue impact, and real bottom-line results.”
As markets continue to evolve, organizations should consider prioritizing their privacy investments on:
- Improving transparency about processing activities – be up front and clear about what you are doing with data and why.
- Obtaining external privacy certifications – ISO, Shield, CBPRs and BCRs have all become important factors in the buying process by streamlining vendor due diligence;
- Going beyond the legal bare minimum – privacy is a business imperative and most organizations are seeing very positive returns on their spend;
- Building strong organizational governance and accountability to be able to demonstrate to internal and external stakeholders your privacy program maturity.