FreshRSS

🔒
❌ Secure Planet Training Courses Updated For 2019 - Click Here
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Privacy’s impact continues to grow, but more remains to be done

As part of Cisco’s recognition of International Data Privacy Day, today we released the Cisco 2023 Data Privacy Benchmark Study, our sixth annual review of key privacy issues and their impact on business. Drawing on responses from more than 3100 organizations in 26 geographies, the findings show that organizations continue to prioritize and get attractive returns from their privacy investments, while integrating privacy into many of their most important processes, including sales motions, management metrics, and employee responsibilities.

Privacy Investment is Very Attractive

Nearly all organizations have recognized the importance of privacy to their business. Ninety-four percent (94%) of respondents said their customers wouldn’t buy from them if their data was not properly protected, and 95% said privacy has become a business imperative.

Even in a difficult economic environment, the average privacy spend in 2022 was $2.7 Million, up 125% from 3 years ago. Estimated benefits from privacy rose to $3.4 Million with significant gains across all organization sizes. The average organization is getting benefits of 1.8 times spending, meaning they get $180 of benefit for each $100 invested in privacy. Thirty-six percent (36%) of organizations are getting returns at least twice their spending with many getting returns upwards of 3 or 5 times.

Privacy Further Integrated into Organizational Skills and Responsibilities

More organizations are recognizing that everyone across the organization plays a vital role in protecting personal data. Ninety-five percent (95%) of survey respondents said that “all of their employees” need to know how to protect data privacy. Among the security professionals who completed our survey, one-third (33%) included data privacy in their top three areas of responsibility.

Another important indication of privacy’s importance to the organization is the use of privacy metrics. Ninety-eight percent (98%) of organizations said they are reporting one or more privacy-related metrics to the Board of Directors. The average number of privacy metrics was 3.1, which is up from 2.6 in last year’s survey. The most-reported metrics include the status of any data breaches, impact assessments, and incident response.

Privacy legislation continues to be very well-received around the world. Seventy-nine percent (79%) of all corporate respondents said privacy laws have had a positive impact, and only 6% indicated that the laws have had a negative impact.

Organizations Not Fully Aligned with Consumers Regarding Data and Building Trust

Ninety-six percent (96%) of organizations said they have an ethical obligation to treat data properly. However, when it comes to earning and building customer trust, their priorities are not fully consistent with those of consumers. Transparency – providing easily accessible and clear information about how their data is being used – was the top priority (39%) for respondents in the consumer survey, well ahead of not selling personal information or complying with privacy laws. Yet, when asked what builds trust for consumers, organizations in the Benchmark Survey selected compliance over transparency. It seems consumers consider legal compliance to be a “given” with transparency more of a differentiator.

This disconnect can also be seen when it comes to the use of Artificial Intelligence (AI). Ninety-six percent (96%) of organizations in our survey believe they have processes already in place to meet the responsible and ethical standards that customers expect. Yet, the majority of consumers don’t see it that way. As reported in our 2022 Consumer Privacy Survey, 65% already have lost trust in organizations over their AI practices. Fortunately, organizations may be starting to get the message that they aren’t doing enough. Ninety-two percent (92%) of respondents said that when it comes to AI applications, their organization needs to be doing more to reassure customers that their data is only being used for intended and legitimate purposes.

Global Providers Viewed as Safer than Local Providers

Many governments and organizations are putting in place data localization requirements, which forces data to be kept within a country or region. The vast majority (88%) of survey respondents believe that their data would be inherently safer if it is only stored locally. Remarkably, 90% also said that a global provider, operating at scale, can better protect the data compared to local providers. When viewing these two statements together, it seems that while organizations would ideally like to keep their data local, they still prefer and trust a global provider over a local provider. Of course, if they can get both — a local instance set up by a global provider — they would presumably like that even better.

Recommendations

This research suggests that organizations should continue to build and apply privacy capabilities into their operations and solutions, particularly among engineering, IT and security professionals, and those who work with personal data. Transparency is particularly important to customers, and organizations need to do more to reassure customers on how their data is being used, especially when applying and using AI and automated decision-making. Finally, organizations should consider the consequences of data localization requirements and recognize that these add cost and may degrade functionality, privacy, and security.

To learn more, check out the Cisco 2023 Data Privacy Benchmark Study, Infographic, and our Principles for Responsible AI.

Also, the new Cisco 2022 Purpose Report (Power section) and the Cisco ESG Reporting Hub (Integrity and Trust section) to see how trustworthiness, transparency, and accountability are key to Cisco’s approach to security, privacy, and trust.

All this and more can be found on the Cisco Trust Center.


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn

Data Transparency and its Impact on Customer Trust

How do organizations earn and build trust when it comes to the personal data that customers share with them? Customers certainly expect these organizations to comply with all privacy laws that are now in place in more than 130 countries. Customers also expect them not to sell personal data without consent and to try to avoid data breaches that could expose personal data. While these actions are necessary, organizations still need to do more when it comes to customer trust. According to our latest research, consumers’ top priority is, in fact, for organizations to be more transparent about how they use personal data.

The Cisco 2022 Consumer Privacy Survey, released today, explores what organizations can do to earn and build trust with customers, the actions individuals are taking to protect their data, the impact of privacy laws around the world, and some of the benefits and costs of Artificial Intelligence (AI) and data localization requirements. The report, our fourth annual look at consumer privacy issues, draws on anonymous responses from 2600 adults in 12 countries.

Here are some highlights from the survey:

  1. Consumers chose ‘data transparency’ as the top thing organizations can do to build trust regarding how personal data is used and protected. At 39%, data transparency was selected almost twice as much as ‘refraining from selling personal information’ (21%) or ‘complying with all privacy laws’ (20%).
  2. More consumers are taking action to protect their personal data. Results showed that 37% have stopped using a company or provider over their data practices, with 24% having exercised their Data Subject Access Rights to inquire about the data companies have about them, and 14% having requested changes or deletions to that data.
  3. When it comes to applying and using AI, consumers are supportive, but very concerned with today’s practices. While 43% say AI can be useful in improving our lives and 54% are even willing to share their anonymized personal data to improve AI products, 60% are concerned about how businesses are using AI today. In fact, 65% say they have already lost trust in organizations due to their AI practices.
  4. Consumers continue to strongly support their nation’s privacy laws, as they want their government to take a leading role in protecting personal privacy. On average, 61% felt these laws are having a positive impact, whereas only 3% believe they are having a negative impact. Awareness of these laws continues to be a challenge as only 43% say they are aware of their country’s privacy laws.
  5. Consumers are evenly split on the value of data localization requirements that add cost to the products and services they buy, with 41% in favor and 41% against. Interestingly, in 9 of the 12 countries surveyed, more respondents were against data localization than in favor.

Check out the associated infographic that provides visual and easily consumable descriptions of the key data.

At Cisco, we believe that privacy is a fundamental human right. Privacy continues to be a high priority for consumers, and organizations need to do their part to protect personal data and build consumer confidence in how this data is being used. Some recommendations for organizations include:

  • Investing in transparency. Show your customers where they can find your company’s privacy policies and tell them in easy-to-understand ways exactly how you use their data (see, for example, Cisco’s in Privacy Data Sheets and Data Maps) as this is critical for earning and building their trust.
  • Helping to ensure your customers are aware of relevant privacy laws and their rights. Individuals who know about these protections are more likely to trust organizations with their personal data and have confidence that their data is protected.
  • Adopting measures to ensure responsible use of data. While misuse of personal data in AI can erode consumer trust, some positive steps to apply and use it responsibly include implementing an AI governance framework, providing transparency on how personal data is used in any AI application, and enabling customers to opt out of the specific application.
  • Evaluating the costs and legal alternatives, if any, to data localization requirements. These requirements may not be worth their cost to many consumers, and it is still unclear if they contribute to greater safety and privacy.

Privacy remains a critical element of trust. Consumers want more transparency and control of their personal data, especially as we continue to see innovations in technology. As we are now in the midst of Cybersecurity Awareness Month in the US and other countries around the world, it’s a great time to learn more and join in activities and discussions that advance cybersecurity.


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn

❌