Cisco published its 2022 Data Privacy Benchmark Study*, an annual global review of privacy corporate practices, on the impact of privacy on organizations and their views towards data privacy. The 2022 report found that privacy is mission-critical, as 90 percent consider privacy a business imperative. The survey showed privacy investment continues to rise and organizations see a high return on investments from privacy spending.
Privacy has become a true business imperative and a critical component of customer trust for organizations around the world. For the second year in a row, 90 percent of the respondents said they would not buy from an organization that does not properly protect its data, and 91 percent indicated that external privacy certifications are important in their buying process.
“The study shows that privacy is increasingly becoming a fundamental responsibility for security professionals. This year, findings show that aligning privacy with security generates financial and other benefits,” said Fady Younes, Cybersecurity Director – Cisco Middle East and Africa. “Privacy continues to rise in importance for organizations, regardless of their size or location,” Younes added.
Privacy’s Return on Investment (ROI) remains high for the third straight year, with increased benefits for small to medium size organizations. More than 60 percent of respondents felt they were getting significant business value from privacy, especially when it comes to reducing sales delays, mitigating losses from data breaches, enabling innovation, achieving efficiency, building trust with customers, and making their company more attractive.
Respondents estimate their ROI to be 1.8 times spending on average. While this continues to be very attractive, it is slightly less than last year (1.9 times spending). This could be due to ongoing needs in responding to the pandemic, adapting to new legislation, uncertainty over international data transfers, and increasing requests for data localization.
Privacy legislation continues to be very well received around the world even though complying with these laws often involves significant effort and cost (e.g., cataloging data, maintaining records of processing activities, implementing controls – privacy by design, responding to user requests). Eighty-three percent of all corporate respondents said privacy laws have had a positive impact, and only 3 percent indicated the laws have had a negative impact.
As governments and organizations continue to demand further data protection, they are putting in place data localization requirements. Ninety-two percent of survey respondents said this has become an important issue for their organizations. But it comes at a price – across all geographies, 88 percent said that localization requirements are adding significant cost to their operation.
Finally, when it comes to using data, 92 percent of survey respondents recognize that their organization has a responsibility to only use data in a responsible manner. And nearly as many (87 percent) believe they already have processes in place to ensure automated decision-making is done in accordance with customer expectations. Yet, Cisco’s 2021 Consumer Privacy Survey showed many individuals want more transparency and 56 percent are concerned about the use of data in AI and automated decision-making. Forty-six percent of surveyed consumers felt they cannot adequately protect their data, chiefly because they do not understand what organizations are collecting and doing with their data.
- Report landing page: 2022 Data Privacy Benchmark Study
- Report: 2022 Data Privacy Benchmark Study
- Infographic: 2022 Data Privacy Benchmark Study
- Paper: Cisco Responsible AI Principles
- Infographic: Cisco Responsible AI Framework
- Cisco Newsroom: Protecting privacy and human rights in a world of AI
- Blog by Robert Waitman: Privacy Becomes Mission Critical
- Blog by Anurag Dhingra: Introducing Cisco Responsible AI – Enhancing Technology Transparency and Customer Trust
- Blog by Harvey Jang: Balancing Privacy for Good
- Cisco Trust Center
- Cisco Security Report Series