Nearly all organizations today recognize the importance of privacy to their business. In a recent study, 94% of organizations said customers wouldn’t buy from them if their data was not properly protected and 95% said privacy has become a business imperative. Additionally, 98% said they report privacy metrics to their boards of directors and 95% said all employees must know how to protect privacy. Despite this progress, more remains to be done, especially when it comes to building and maintaining trust. For example, 92% said, when it comes to using artificial intelligence, their organization needs to do more to reassure customers their data is only used for legitimate purposes.
These are some of the findings shared in the Cisco 2023 Data Privacy Benchmark Study released Jan. 24, which draws on more than 3100 anonymous responses from security and privacy professionals in 26 geographies.
Privacy investment and legislation
Even in a difficult economic environment, the average privacy spend in 2022 was $2.7 million, up 125% from three years ago. Estimated benefits from privacy rose to $3.4 million, with significant gains across all organization sizes. The average organization saw benefits of 1.8 times spending and 36% of organizations saw returns at least twice their investment.
Privacy legislation continues to be well received around the world, as 79% of organizations said privacy laws have positive impacts and only 6% indicated the laws have negative impacts.
AI and consumer trust
When it comes to AI, 96% of organizations believe they already have processes in place to meet consumers' expected responsible and ethical standards. Yet, at 65%, the majority of consumers said they have already lost trust in organizations over AI practices. Fortunately, organizations may be starting to get the message. When it comes to AI applications, 92% of respondents said their organizations need to better reassure customers their data is only used for intended and legitimate purposes.
Data localization and global providers
Many governments and organizations are putting data localization requirements in place, forcing data to be kept within a country or region. Most survey respondents said they believe data is inherently safer when it is only stored locally. However, 90% also said a global provider, operating at scale, can protect data better than local providers.
Recommendations for organizations
- Continue to invest in privacy and build privacy capabilities throughout your organization, especially among those directly involved with personal data processing and protection.
- Be more transparent with your customers about how their personal data is being used. While organizations need to comply with the law, compliance alone is not enough. Transparency is the key to trust.
- When using AI in your solutions, provide preferred options to reassure customers, such as offering opt-out mechanisms, adopting AI ethics principles and delivering greater transparency.
- Consider the costs and consequences of data localization. Recognize local providers may be more expensive and could degrade the functionality, privacy and security of your data more than global providers operating at scale.
If you want to comment on this post, you need to login.