Cisco 2019 Data Privacy Benchmark Study shows organisations gaining business benefits from data privacy investments
Length of sales delays from customer privacy concerns reduced by 50%. GDPR-ready organisations see lowest incidence of data breaches.
Organisations worldwide that invested in maturing their data privacy practices are now realising tangible business benefits from these investments, according to Cisco's 2019 Data Privacy Benchmark Study. The study validates the link between good privacy practice and business benefits, as respondents report shorter sales delays as well as fewer and less costly data breaches.
The European Union's General Data Protection Regulation, which focused on increasing protection for EU residents' privacy and personal data, became enforceable in May 2018. Organisations worldwide have been working steadily towards getting ready for GDPR.
Within Cisco's 2019 Data Privacy Benchmark Study, 59% of organisations reported meeting all or most requirements, 29% expect to do so within a year, and 9% will take more than a year.
"This past year, privacy and data protection importance increased dramatically. Data is the new currency, and as the market shifts, we see organisations realising real business benefits from their investments in protecting their data," said Michelle Dennedy, Chief Privacy Officer, Cisco. "At Cisco, we absolutely believe in both protecting our customers and driving business success by maximising the value of data and minimising risk."
Customers are increasingly concerned that the products and services they deploy provide appropriate privacy protections. Those organisations that invested in data privacy to meet GDPR experienced shorter delays due to privacy concerns in selling to existing customers: 3.4 weeks vs 5.4 weeks for the least GDPR-ready organisations.
Overall, the average sales delay was 3.9 weeks in selling to existing customers, down from 7.8 weeks reported a year ago. GDPR-ready organisations cited a lower incidence of data breaches, fewer records impacted in security incidents, and shorter system down-times. They also were much less likely to have a significant financial loss from a data breach. Beyond this, 75% of respondents cited they are realising multiple broader benefits from their privacy investments, which include greater agility and innovation resulting from having appropriate data controls, gaining competitive advantage, and improved operational efficiency from having data organised and catalogued.
More than 3 200 global security and privacy professionals in 18 countries across major industries responded to the Cisco survey about their organisations' privacy practices.
Key findings include:
* Eight-seven percent of companies are experiencing delays in their sales cycle due to customers' or prospects' privacy concerns, up from 66% last year. This is likely due to the increased privacy awareness brought on by GDPR and the frequent data breaches in the news.
* Sales delays by country varied from 2.2 to 5.5 weeks, with Italy, Turkey and Russia at the lower end of the range, and Spain, Brazil and Canada at the higher end. Longer sales delays can be attributed to areas where privacy requirements are high or in transition. Delayed sales can cause revenue shortfalls related to compensation, funding, and investor relations. Delayed sales also can become lost sales if a potential customer buys from a competitor or decides not to buy at all.
* Top reasons cited for sales delays included investigating customer requests for privacy needs, translating privacy information into customer languages, educating customers about an organisation's privacy practices, or redesigning products to meet customer privacy needs.
* By country, GDPR-readiness varied from 42% to 75%. Spain, Italy, UK and France were at the top of the range, while China, Japan and Australia were on the lower end.
* Only 37% of GDPR-ready companies experienced a data breach costing more than $500 000, compared with 64% of the least GDPR-ready companies.
Read the Cisco 2019 Data Privacy Benchmark Study.
* Cliff Farah, President and CEO, The Beacon Group:
"As privacy regulations continue to expand and evolve, corporate leaders will benefit from understanding this research and how their decisions and investments translate into value."
* Peter Lefkowitz, Chief Digital Risk Officer, Citrix Systems and 2018 Board Chairman, International Association of Privacy Professionals (IAPP):
"This research provides evidence for something privacy professionals have long understood, that organisations are benefiting from their privacy investments beyond compliance. The Cisco study demonstrates that strong privacy compliance shortens the sales cycle and increases customer trust."