Privacy spend now a must, firms see high ROI

Image courtesy of Cisco

Privacy is now considered mission-critical among organisations across the world, as 90% see it as a business imperative, according to the 2022 Data Privacy Benchmark Study published by Cisco.

The report analysed responses of more than 4,900 security, IT, and privacy professionals across 27 jurisdictions in Asia Pacific, Europe and the Americas, including Singapore.

Results showed that privacy investment continues to rise and organisations see a high return on investments from privacy spending.

For the second year in a row, 90% of respondents said they would not buy from an organisation that does not properly protect its data.  In Singapore alone, this figure is even higher at 94%.

“With 94% of organisations saying they are reporting one or more privacy-related metrics to their board, and privacy investment rising with an average budget up 13%, there’s no doubt that privacy continues to grow in importance for organisations, regardless of their size or location,” said Harvey Jang, Cisco VP and chief privacy officer.

“We also see privacy growing to be part of the vital skills and core responsibilities for security professionals,” said Jang. “This year’s study confirmed that aligning privacy with security creates financial and maturity advantages compared to other models.”

Results also showed that privacy’s ROI remains high for the third straight year, with increased benefits for small to medium size organisations. 

In Singapore, more than 60% of respondents felt they were getting significant business value from privacy, especially when it comes to reducing sales delays, mitigating losses from data breaches, enabling innovation, achieving efficiency, building trust with customers, and making their company more attractive.

Respondents estimate their ROI to be 1.8 times spending on average. While this continues to be very attractive, it is slightly less than the 2021 study — 1.9 times spending. This could be due to ongoing needs in responding to the pandemic, adapting to new legislation, uncertainty over international data transfers, and increasing requests for data localization.  

Privacy legislation continues to be very well received around the world even though complying with these laws often involves significant effort and cost. Among corporate respondents, 83% said privacy laws have had a positive impact, and only 3% indicated the laws have had a negative impact.

“When it comes to storing data, organisations must ensure that they comply with the data localisation legislations in the jurisdictions where data is being collected,” said Andy Lee, Cisco managing director in Singapore and Brunei.

“Last year, Cisco expanded its Duo data center presence in the region including one in Singapore to enable customers with operations in ASEAN to store their data locally in Singapore and comply with the respective laws,” said Lee.

When it comes to using data, 92% of respondents recognise that their organisation has a responsibility to only use data in a responsible manner. Nearly as many (87%) believe they already have processes in place to ensure automated decision-making is done in accordance with customer expectations.