- Security TWENTY
- Women in Security
There’s a link between good privacy practice and business benefits such as shorter sales delays and fewer and less costly data breaches, according to network and cyber company Cisco’s 2019 Data Privacy Benchmark Study.
The European Union-wide General Data Protection Regulation became the law in the EU in May 2018. Organisations worked steadily towards getting ready for GDPR, Cisco’s 2019 report suggests; 59 percent of organisations reported meeting all or most requirements, 29 percent expect to do so within a year, and 9 percent will take more than a year.
Michelle Dennedy, Chief Privacy Officer, Cisco said: “This past year, privacy and data protection importance increased dramatically. Data is the new currency, and as the market shifts, we see organisations realising real business benefits from their investments in protecting their data. At Cisco, we absolutely believe in both protecting our customers and driving business success by maximising the value of data and minimising risk.”
Customers are increasingly concerned that the products and services they deploy provide privacy protections. Those organisations that invested in data privacy to meet GDPR experienced shorter delays due to privacy concerns in selling to existing customers: 3.4 weeks versus 5.4 weeks for the least GDPR-ready. Overall the average sales delay was 3.9 weeks in selling to existing customers, down from 7.8 weeks reported a year ago. GDPR-ready organisations cited a lower incidence of data breaches, fewer records impacted in security incidents, and shorter system downtimes. They also were much less likely to have a significant financial loss from a data breach. Beyond this, 75 percent of respondents cited that they are realising broader benefits from their privacy investments, which include agility and innovation resulting from having appropriate data controls, competitive advantage, and operational efficiency from having data organised and catalogued.
More than 3,200 global security and privacy managers in 18 countries across industries responded to the Cisco survey about their organisations’ privacy practices. The 14-page report’s findings include:
Some 87 percent of companies are experiencing delays in their sales cycle due to customers’ or prospects’ privacy concerns, up from 66 percent last year. This is likely due to the increased privacy awareness brought on by GDPR and the frequent data breaches in the news. Sales delays by country varied from 2.2 to 5.5 weeks, with Italy, Turkey and Russia at the lower end of the range, and Spain, Brazil and Canada at the higher end. Longer sales delays can be attributed to areas where privacy requirements are high or in transition. Delayed sales can cause revenue shortfalls related to compensation, funding, and investor relations. Delayed sales also can become lost sales if a potential customer buys from a competitor or decides not to buy at all. Top reasons cited for sales delays included investigating customer requests for privacy needs, translating privacy information into customer languages, educating customers about an organisation’s privacy practices, or redesigning products to meet customer privacy needs.
By country, GDPR-readiness varied from 42 percent to 75 percent. Spain, Italy, UK and France were at the top of the range, while China, Japan and Australia were on the lower end. Only 37 percent of GDPR-ready companies experienced a data breach costing more than $500,000, compared with 64 percent of the least GDPR-ready companies.