With that being said, however, as security regulations tighten globally, and regulations such as the GDPR (General Data Protection Regulation) and the California Consumer Privacy Act (CCPA) are implemented, many companies have now found a new way of looking at privacy investments. Instead of coming to terms with the significance of hefty security and private investment, organizations have now started to view privacy investments as a means to avoid being penalized. Although on the surface, it may appear as though there is nothing wrong with investing in privacy to deflect stiff penalties, companies start treating privacy investments like insurance, rather than a way to actually boost sales. Despite the recently implemented regulations, such as the GDPR and CCPA ensuring that companies devote a chunk of their budget to cybersecurity expenditure, the process of financing security measures can become a lot more lucrative, if companies realize that a robust cybersecurity infrastructure can significantly contribute to increased sales as well. Up till this point, everything that we’ve mentioned, particularly the belief that security investments are a run-off-the-mill procedure, is widely accepted within the current IT landscape. A recent survey conducted by Cisco challenges all of these beliefs, and paints a highly positive picture of investing in cybersecurity and privacy, and suggests that every single dollar invested in privacy is capable of generating multiple returns in areas such as product sales, etc. In an attempt to change the widely-held belief that investing in privacy and security is just catering to regulations, we’ve compiled an article that delves deep into Cisco’s surveys and the insights that it generates.
What Were the Revelations Brought Forth in the Survey Conducted By Cisco?
For the 2020 edition of their Data Privacy Benchmark study, Cisco conducted a double-blind survey of a whopping 2800 security pros across thirteen countries. The aim of the study was to figure out the privacy certifications being exercised in today’s IT market, and subsequently, the value that those certifications carry. Furthermore, Cisco’s survey also set out to calculate the ROI for privacy- a feat accomplished for the first time- and drew on the data from 2800 organizations, to generate the following insights:
The survey asked the selected organizations about the previous investments that they had made in cybersecurity and found the privacy and security investment to amount up to $1.2m. For smaller organizations, consisting of around 250-499 employees, the average amount of privacy investments amounted to up to $800,000. As far as the returns on the security investments made are concerned, the survey brought to light the fact that for every dollar spent, the average company was receiving $2.70 in associated benefits. When the surveyed organizations were asked about their annual privacy investments, most companies claimed that they were receiving highly positive returns, whilst 40% of organizations realized that they could double their private investments. Another positive aspect of privacy investments brought forward in Cisco’s Data Privacy Benchmark, is that a staggering 70% of companies believed that they were seeing significant returns across multiple aspects of their business. The areas in which privacy beyond compliance is best reflected include better agility and innovation, and increased competitive advantage, consumer trust, and an overall boost in the company’s attractiveness to investors. Additionally, Cisco’s survey also painted a picture of a positive future for private investments, since eighty-two percent of organizations saw privacy certifications as a motivation for purchasing a reliable third-party vendor.
What Do the Insights Generated By the Cisco Survey Imply?
Perhaps the biggest takeaway from the insights that we’ve mentioned above is that instead of treating privacy investments as this burden that you’re forced to deal with- organizations should look at ways through which they can implement privacy beyond compliance requirements. Some of the more significant implications of the survey, that organizations need to take into account, include the following:
Instead of just spending the least minimum amount on security measures, organizations should try to increase their cybersecurity and privacy expenditure, since most companies are seeing magnificent returns on their private investments. Companies should work to obtain external privacy certifications, since they are a crucial buying factor when selling a vendor or product, as per 82% of the respondents of the survey. Some important privacy certifications include the ISO 27701, and the EU/Swiss-US Privacy Shield. Last but certainly not least, companies should foster accountability and a certain level of maturity to achieve security benefits, reduced sales delays and other benefits.
In Conclusion: At the end of this article, we can only hope that we’ve made clear to our readers the importance of privacy beyond compliance requirements. Having said that, we believe that altering the ways through which we view privacy investments can do much for cybersecurity in general.
Δ