Businesses that are embracing the EU’s General Data Protection Regulation (GDPR) enjoy increased efficiency and are more attractive to investors, according to a new study by Cisco.

The GDPR came into being in May 2018 with organisations across industries urged to meet compliance standards to boost security while mitigating a host of dangers including data breaches, regulator attention, financial penalties and reputational damage.

But new research by US tech giant, Cisco, has uncovered many unexpected benefits of reaching out to new data security standards, such as the ability to nurture innovation within a refreshed business environment that is far more appealing to investors.

The data privacy benchmark study looked at how organisations prepared for the new EU data laws and how the laws impacted upon business when they came into effect last year.

It was discovered that 59% of companies globally feel they are ready for the GDPR, with a further 29% claiming to be in good shape within 12 months.

Organisations in Britain are performing above average in terms of preparation, with 69% of companies deeming themselves compliant.

The study revealed a 74% likelihood of a suffering a data breach for GDPR-ready firms, compared with an 80% likelihood among those that state they will fully aligned with the laws’ standards in one year, and 89% for those that say they will be ready in over a year.

More favourable outcomes are also on offer to compliant firms in the event of a data breach. On average, companies meeting GDPR standards can expect to have 79,000 records hit in the event of a breach, compared with 100,000 and 212,000 for companies due to reach compliance in one year, and in over one year, respectively.

Downtime in the event of a data breach follows a similar trend, with the figures at 6.4 weeks, 8.1 weeks and 9.4 weeks in the same categories of GDPR-readiness, demonstrating that the new regulations are having the desired galvanising effect on data security.

Unexpected benefits
The overwhelming majority of companies surveyed (97%) said that at least one of the benefits of GDPR compliance was not directly related to data protection, while 75% of respondents said there were at least two indirect benefits.

For example, 42% of companies said that meeting new standards is helping them to broaden innovation thanks to the right data controls being in place.

Furthermore, 41% of organisations cited a fresh competitive advantage, while the same quantity said that procedural efficiencies had been increased because compliance had left data better catalogued.

More than one third (37%) said that they could bring down pre-existing sales delays due to customers’ concerns over privacy, and 36 per cent claimed that their appeal in the face of prospective investors had gone up.

The report concluded:

“These results highlight that privacy investment has created business value far beyond compliance and has become an important competitive advantage for many companies,” the report concluded.

“Organizations should, therefore, work to understand the implications of their privacy investments, including reducing delays in their sales cycle and lowering the risk and costs associated with data breaches as well as other potential benefits like agility/innovation, competitive advantage, and operational efficiency.”

Speaking to GDPR: Report, Data Protection Officer and Principle Consultant at iStorm Solutions, Richard Merrygold said:

“This a really interesting report and it highlights something that I think many privacy professionals have known for a long which is that a good, structured data protection framework should be seen as a business benefit and not a burden.

The GDPR and data protection as a whole is about protecting individuals and giving them greater control over their rights. Any company that takes data protection seriously is likely to realise some kind of business benefit, be it more efficient processes or a more engaged and overall more trusting customer base.

“I think the benefits of a good data protection framework is now becoming clear and this report reflects that trend. Data Protection is going to be fundamental in the future success of both big and small businesses and it’s comforting to see that this feeling is reaching the mainstream.

Cisco will now turn its attention to examining how these benefits evolve in the GDPR era, and as complementing legislation is released.

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.

comments powered by Disqus