Privacy has become mission-critical, with 90% of respondents to Cisco’s 2022 Data Privacy Benchmark Study considering it a business imperative.
The survey shows that privacy investment continues to rise and organisations see a high return on investments from privacy spending.
Privacy has become a true business imperative and a critical component of customer trust for organisations around the world. For the second year in a row, 90% of the respondents said they would not buy from an organisation that does not properly protect its data, and 91% indicated that external privacy certifications are important in their buying process.
“With 94% of organisations saying they are reporting one or more privacy-related metrics to their board, and privacy investment rising with an average budget up 13 percent, there’s no doubt that privacy continues to grow in importance for organisations, regardless of their size or location,” explains Harvey Jang, Cisco vice-president and chief privacy officer.
“We also see privacy growing to be part of the vital skills and core responsibilities for security professionals. This year’s study confirmed that aligning privacy with security creates financial and maturity advantages compared to other models.”
Privacy’s return on investment (ROI) remains high for the third straight year, with increased benefits for small to medium size organizations.
More than 60% of respondents felt they were getting significant business value from privacy, especially when it comes to reducing sales delays, mitigating losses from data breaches, enabling innovation, achieving efficiency, building trust with customers, and making their company more attractive.
Respondents estimate their ROI to be 1,8-times spending on average. While this continues to be very attractive, it is slightly less than last year (1,9-times spending). This could be due to ongoing needs in responding to the pandemic, adapting to new legislation, uncertainty over international data transfers, and increasing requests for data localisation.
Privacy legislation continues to be very well received around the world even though complying with these laws often involves significant effort and cost (such as cataloging data, maintaining records of processing activities, implementing controls – privacy by design, responding to user requests). Eighty-three percent of all corporate respondents said privacy laws have had a positive impact, and only 3% indicated the laws have had a negative impact.
As governments and organisations continue to demand further data protection, they are putting in place data localisation requirements. Ninety-two percent of survey respondents said this has become an important issue for their organizations.
But it comes at a price – across all geographies, 88% said that localisation requirements are adding significant cost to their operation.
When it comes to using data, 92% of survey respondents recognize that their organization has a responsibility to only use data in a responsible manner. And nearly as many (87%) believe they already have processes in place to ensure automated decision-making is done in accordance with customer expectations.
Yet Cisco’s survey showed many individuals want more transparency and 56% were concerned about the use of data in AI and automated decision-making. Forty-six percent of surveyed consumers felt they cannot adequately protect their data, chiefly because they do not understand what organisations are collecting and doing with their data.
“Cisco is committed to data privacy, including governance of emergent technologies such as artificial intelligence,” says Anurag Dhingra, Cisco vice-president and chief technology officer: collaboration. “We’re publishing the Responsible AI Framework as part of Cisco’s commitment to transparency and adaptability by establishing a governance process and concrete working practices for our development teams, including vital communication channels with our customers and constituencies.”