More than 90% of organizations surveyed during the compilation of Cisco’s annual report Comparative study of data privacy reported that their data privacy teams played a key role in helping them respond to the challenges posed by Covid-19, such as shifting to remote work, adjusting data sharing agreements, and implementing access controls to data. data.
In findings that may seem counterintuitive at first glance, Cisco said that, rather than being pushed aside, privacy advocates have grown in prominence over the past nine months.
“When a serious threat to our safety and well-being arises, many would think that privacy protections would take a back seat,” said Robert Waitman, director of Cisco’s privacy office, in an introductory blog post.
“After all, our personal data, including our health status, social contacts, and physical locations, have been necessary to help control the spread of Covid-19. Also, the rapid shift to remote work has left organizations struggling to keep their functions running, and privacy protections may well have been an afterthought. “
The report drew on responses from 4,400 organizations in 25 countries and found that, overall, companies turned to their security teams to address the fact that they were mostly unprepared for such an event.
About 87% of people said they were concerned about the privacy protections of the tools they were being asked to use, particularly in light of the high-profile coverage of issues arising from the Zoom conferencing platform.
The new mission-critical nature of privacy policies is reflected in the daily work of CISOs and other security professionals, with more than a third of those identifying as such saying that privacy, along with assessment and management Risk management and threat response was now one of his main areas of responsibility.
This also means that privacy measures are attracting attention at the board level: Cisco said 90% of organizations are now implementing and reporting privacy metrics to the C-suite and the boardroom. This can also be reflected in privacy budgets, which have doubled year over year. The Cisco report also noted that external certifications like ISO 27701 were becoming a critical purchasing factor.
Waitman said it was clear that data privacy has come of age and is no longer seen as just a consumer benefit. The report’s data revealed that more than 66% of organizations are realizing business benefits from improving their data privacy postures, including reduced sales delays and other operational efficiencies, improved innovation, and more loyal and more trusting customers. Perhaps it goes without saying that this translates to bottom line, he said, and the average organization estimates a double return on their investment.
Going forward, the research found evidence of strong support for maintaining privacy principles and protections established at the onset of the pandemic, and for legal protections: 62% of respondents wanted little or no change in privacy laws existing.
However, while people used to support their employers’ efforts to maintain a safe work environment for Covid, they were less positive about mechanisms that track their location or collect or disclose information about one’s Covid-19 status, such as contact tracing apps. . People tended to agree that the use of their personal data for such purposes should be limited and strictly controlled in a transparent, fair and responsible manner.
“The days of privacy being thought of as a mere compliance issue are over. Forged by the pandemic, privacy has become a top priority for management, employees and customers alike, ”Waitman said.