From Privacy to Trust and ROI
This blog was originally posted on Cisco Security Blog by author Robert Waitman. Reposted with permission.
As we embark on a new decade, data privacy has become top-of-mind for business executives and consumers worldwide. Data breaches frequently expose the personal data of millions, and many companies have not done enough to protect themselves from intentional or unintentional misuse. While it is often hard to reach agreement on new legislation, one issue that governments around the world seem to agree on is the need to help protect the personal data of their constituents. The EU’s General Data Protection Regulation (GDPR) became enforceable in May 2018, and many countries, from China to Brazil, have updated or passed their own regulations. The new California Consumer Privacy Act (CCPA) became effective at the beginning of 2020, other states are following suit, and a U.S. Federal privacy law is now under consideration.
Insights from the Cisco Data Privacy Research ProgramThe Cisco Chief Privacy Office has provided groundbreaking research and insights to help organizations and consumers understand what they can and should do to keep data safe and maximize their investments in data privacy. Two years ago, we launched our Data Privacy Benchmark Study, which explored privacy maturity and investments across thousands of organizations worldwide. We found that two-thirds of organizations were experiencing significant sales delays due to customer’s data privacy concerns, but that privacy investment was minimizing those delays. Last year, we expanded our inquiry to explore a wide range of business benefits, including the connection between privacy investment and security benefits such as fewer and less costly breaches. In November, we released a companion study looking at the attitudes and behaviors of consumers worldwide. We identified a large group we call “Privacy Actives” – that is, consumers who care about privacy, are willing to spend time or money to protect their data, and have already switched companies or providers based on their data policies.
The 2020 Data Privacy Benchmark Study and the ROI of PrivacyToday, in observance of International Data Privacy Day, I am pleased to share our 2020 Data Privacy Benchmark Study. Drawing on data from 2800 organizations in 13 countries, we have – for the first time - calculated the ROI for privacy. In addition, we updated the privacy metrics we have been tracking over several years. The study explores the value of privacy certifications in today’s market, as follows:
What does this mean for organizations?The results of this study highlight that privacy is good for business, beyond any compliance requirements. We recommend that organizations:
In future blogs, I will explore these results more fully, including some of the interesting differences in results across geographies and company size.
Do you like to write about your infosec knowledge, skills, opinions, or exploits?
Publish your original research, tutorials, articles, or other written content on Cybray's blog to be seen by thousands of infosec readers daily!