Organisations Treading Cautiously About Gen AI Over Data Privacy, Security Risks: Report
92% of Cisco’s survey respondents said their customers will not buy from them if they do not adequately protect their data.
Organisations are facing rising privacy concerns and trust challenges over their use of generative artificial intelligence, even as they are getting attractive returns from privacy investments, the 2024 Data Privacy Benchmark Study by Cisco shows.
According to the survey, most organisations are aware of privacy concerns and threats, and are putting in place controls to limit exposure. Around 63% have established limitations on what data can be entered, and 61% have limits on which Gen AI tools can be used by employees. More than one-fourth (27%) said their organisation had banned Gen AI applications altogether for the time being.
Additionally, 88% of respondents in India said privacy laws have had a positive impact on their organisations, which was higher than the 80% of overall respondents. Only 6% said that privacy laws have had a negative impact on their business.
“Organisations see Gen AI as a fundamentally different technology with novel challenges to consider. More than 90% of respondents believe Gen AI requires new techniques to manage data and risk. This is where thoughtful governance comes into play. Preserving customer trust depends on it,” said Dev Stahlkopf, Cisco chief legal officer.
The study drew responses from 2,600 privacy and security professionals across 12 geographies, including India.
Privacy Critical For Customer Trust
Privacy is a critical enabler of customer trust, and 92% of survey respondents said their customers will not buy from them if they do not adequately protect their data, the highest in years. Almost all (98%) respondents said that external privacy certifications are important in their buying process.
Almost 95% of respondents in India said they need to do more to reassure their customers that their data was being used only for intended and legitimate purposes when it comes to AI. Of the respondents, 69% said that organisations are ensuring a human is involved in the process to reassure their customers about data use and AI.
Nearly all organisations (97%) felt they have a responsibility to use data ethically. Ninety-six percent of respondents agreed that privacy is a business imperative, not just a compliance burden, and 95% indicated that privacy’s benefits are greater than its costs.
“In today’s digital-first world, data is a valuable asset, and safeguarding it is not just a compliance matter, but a business imperative. The study underscores a critical reality—92% of respondents acknowledge that customer trust and loyalty are at stake if data protection measures fall short,” said Samir Kumar Mishra, director, security business, Cisco India and SAARC.
“This reflects the pivotal role that robust privacy practices play in influencing customers’ buying decisions, as well as a major shift in how companies are addressing them,” Mishra said.
Data Localisation And Safety
Many governments and organisations are putting in place data localisation requirements to ensure that certain data is kept within a specific country or region. Among organisations, most (91%) believe their data would be safer if it is only stored within their country or region.
However, almost the same number (86%) also said that a global provider, operating at scale, can better protect their data compared to a local provider. The percentage of respondents saying that a global provider can better protect data compared to a local provider was even higher (94%) in India.
