Cisco research finds great results for companies investing in secrecy
The report shows that enterprises with mature privacy policies have seen millions in substantial returns from investments in protecting their data.
Privacy rules have been all the rage since the famous GDPR came into being in the last few years. Dozens of countries have begun working on their own privacy legislation while U.S. states like California, Nevada and Washington have passed laws requiring companies to enforce certain rules regarding their data.
The new Cisco “Data Confidentiality Criteria Review” report from Cisco shows that while these laws may seem daunting, companies are seeing significant financial benefits from having mature privacy rules manages the data they collect from customers.
Cisco researchers spoke to 2,800 security professionals in 13 countries about how their company handled privacy and data security.
The study found that a greater focus on privacy led to shorter sales delays, better security and fewer data breaches. Over 40% of the companies surveyed see benefits at least twice what they spend on ensuring privacy.
The percentage of organizations that said they received significant business benefits from privacy has grown to over 70% and a further 82% see privacy credentials as a buying feature when choosing a product or vendor. their supply chain.
In an interview, Robert Waitman, Cisco's director of privacy vision and innovation, said their research over three years looked at and measured the benefits of having a good privacy program.
“At Cisco, we have conducted a privacy investigation over the past few years to consider the benefits or costs to organizations of the rules and the further scrutiny they receive from the Cisco. their customers about data privacy, "Waitman.
“On average, for every $ 100 a company spends on privacy, they get a $ 270 business return in return, which comes in better security taste, shorter sales delays, more innovation and flexibility as well as competitive advantages. difficult to measure so we looked at the results of what companies have told us about their benefits, "he said.
The companies surveyed spend between $ 2 million and $ 500,000 annually on privacy protection. The average spend was $ 1.2 million, but the average return companies saw was $ 2.7 million.
For larger enterprises with 10,000 or more employees, the benefits were even greater, with estimated benefits reaching over $ 4 million. Another 17% said they recovered more than $ 10 million while small businesses averaged around $ 2 million.
“Privacy and accountability are at the heart of our data-driven innovation, and they have become key differences for our brand. This research confirms that privacy is a vital investment for forward - looking companies, "Caroline Louveaux, Mastercard's chief privacy officer, said in the survey.
When it comes to data breaches, companies that have matured privacy policies have reported a significant reduction in the number and severity of attacks.
The report found that mature and accountable data management, control and treatment processes appear to help organizations avoid and limit the impact of data breaches. Length of sales delay was also directly related to the sophistication of your privacy programs.
"The most advanced companies are more than twice as likely to not go bankrupt last year. Only 13% of unbroken campaigns went if they were low on the privacy scale. If you were more mature on the privacy scale, 28% were not breached, "Waitman said.
“You are twice as likely to have an uninterrupted year if you have invested money in secret. Going further, among these groups, they had less downtime from downtime, with 19% less downtime, 28% fewer records broken and total cessation costs. down 10%. "
SEE: 60 ways to get the most out of your big data campaigns (Free PDF) (Technology Republic)
Privacy credentials are one way companies can differentiate themselves and send clear messages to customers and suppliers that they are at the top of their game when it comes to data protection.
In the report, Cisco cites privacy certifications, programs and applications such as ISO 27701, EU / Swiss-US Privacy Shield, APEC Cross-Border Privacy Regulations and EU Binding Corporate Regulations.
More than 90% of companies in Brazil, India and China told Cisco researchers that these credentials represented a buying feature when choosing a vendor or product.
“You have to think about getting these testimonials because this is something that your customers are looking more and more concerned about. It simplifies the purchasing process. If you can say 'Hey, do you have that certificate' and the answer is yes, they do. you do not have to ask any other questions on that subject, ”said Waitman.
"We were amazed at how high that number was and it was real all over the world."
One interesting aspect of the study was the difference between enterprises in countries around the world.
According to the study, the average return on privacy investment varies significantly by country, with the highest average returns available in the United Kingdom, Brazil and Mexico, which each had a return three times greater than the privacy investment aca.
While there has been some concern about all privacy laws making their way through state legislatures in the United States, companies around the world have said that rules such as the GDPR have given them a better handle on data. aca.
"We have heard many stories about this reportedly as a result of all the recent privacy controls. Many organizations feel that they can do nothing with personal data. They believe that they are not allowed to touch the use such data or those e - mails or do anything related to it. personal data. That is not true. It must be used properly and protected and have a legal basis for its use, " said Waitman.
“Helping people understand what they can do by knowing what they can't do will allow them to do a lot around flexibility and get the company to try new things. With 71% of companies saying they are better at it because privacy is a big issue. "