Cisco has published its 2022 Data Privacy Benchmark Study, an annual global review of privacy corporate practices on the impact of privacy on organizations and their views towards data privacy.
The 2022 report found that privacy is mission-critical, as 90% consider privacy a business imperative. The survey showed privacy investment continues to rise and organizations see a high return on investments from privacy spending.
Privacy has become a true business imperative and a critical component of customer trust for organizations around the world. For the second year in a row, 90% of respondents said they would not buy from an organization that does not properly protect its data and 91% indicated that external privacy certifications are important in their buying process.
“The study shows that privacy is increasingly becoming a fundamental responsibility for security professionals. This year, findings show that aligning privacy with security generates financial and other benefits,” said Fady Younes, Cybersecurity Director – Cisco Middle East and Africa. “Privacy continues to rise in importance for organizations, regardless of their size or location.”
Privacy’s Return on Investment (ROI) remains high for the third straight year, with increased benefits for small to medium size organizations. More than 60% of respondents felt they were getting significant business value from privacy, especially when it comes to reducing sales delays, mitigating losses from data breaches, enabling innovation, achieving efficiency, building trust with customers and making their company more attractive.
Respondents estimate their ROI to be 1.8 times spending on average. While this continues to be very attractive, it is slightly less than last year (1.9 times spending). This could be due to on-going needs in responding to the pandemic, adapting to new legislation, uncertainty over international data transfers and increasing requests for data localization.
Privacy legislation continues to be very well received around the world even though complying with these laws often involves significant effort and cost (e.g., cataloguing data, maintaining records of processing activities, implementing controls – privacy by design, responding to user requests). A total of 83% of all corporate respondents said privacy laws have had a positive impact and only 3% indicated the laws have had a negative impact.
As governments and organizations continue to demand further data protection, they are putting in place data localization requirements. A total of 92% of survey respondents said this has become an important issue for their organizations. But it comes at a price – across all geographies, 88% said that localization requirements are adding significant cost to their operation.