More than 1 in 4 organisations banned GenAI

January 2024 Risk Management & Resilience

Cisco released its 2024 Data Privacy Benchmark Study, an annual review of key privacy issues and their impact on business. Considering International Data Privacy Day, the findings highlight the growing privacy concerns with GenAI, trust challenges facing organisations over their use of AI, and the attractive returns from privacy investment.

Drawing on responses from 2600 privacy and security professionals across 12 geographies, the seventh edition of the Benchmark shows that privacy is much more than a regulatory compliance matter.

Growing privacy concerns with Generative AI

“Organisations see GenAI as a fundamentally different technology with novel challenges to consider,” said Dev Stahlkopf, Cisco's Chief Legal Officer. “More than 90% of respondents believe GenAI requires new techniques to manage data and risk. This is where thoughtful governance comes into play. Preserving customer trust depends on it.”

Among the top concerns, businesses cited the threats to an organisation’s legal and Intellectual Property rights (69%), and the risk of disclosure of information to the public or competitors (68%).

Most organisations are aware of these risks and are putting in place controls to limit exposure; 63% have established limitations on what data can be entered, 61% have limits on which GenAI tools can be used by employees, and 27% said their organisation had banned GenAI applications altogether for the time being. Nonetheless, many individuals have entered information that could be problematic, including employee information (45%) or non-public information about the company (48%).

Slow progress on AI and transparency

Consumers are concerned about AI use involving their data today, and yet 91% of organisations recognise they need to do more to reassure their customers that their data is being used only for intended and legitimate purposes in AI. This is similar to last year’s levels, suggesting that not much progress has been achieved.

Organisations’ priorities to build consumer trust differ from those of individuals. Consumers identified their top priorities as getting clear information on exactly how their data is being used, and not having their data sold for marketing purposes. When asked the same question, businesses identified their top priorities as complying with privacy laws (25%) and avoiding data breaches (23%).

It suggests additional attention on transparency would be helpful — especially with AI applications where it may be difficult to understand how the algorithms make their decisions.

The role of external certifications and laws

Organisations recognise the need to reassure their customers about how their data is being used, and 98% said that external privacy certifications are an important factor in their buying decisions. This is the highest we’ve seen over the years.

“94% of respondents said their customers would not buy from them if they did not adequately protect data,” explains Harvey Jang, Cisco Vice President and Chief Privacy Officer. “They are looking for hard evidence that organisation can be trusted. Privacy has become inextricably tied to customer trust and loyalty. This is even more true in the era of AI, where investing in privacy better positions organisations to leverage AI ethically and responsibly.”

Despite the costs and requirements privacy laws may impose on organisations, 80% of respondents said privacy laws have positively impacted them, and only 6% said the impact has been negative. Strong privacy regulation boosts consumer confidence and trust in the organisations with which they choose to share their data.

Further, many governments and organisations are putting in place data localisation requirements to keep certain data within a country or region. While most businesses (91%) believe that their data would be inherently safer if stored within their country or region, 86% also said that a global provider, operating at scale, can better protect their data compared to a local provider.

Over the past five years, privacy spending has more than doubled, benefits have trended up, and returns have remained strong. This year, 95% indicated that privacy’s benefits exceed its costs, and the average organisation reports getting privacy benefits of 1,6-times their spending. Further, 80% indicated getting significant “Loyalty and Trust” benefits from their privacy investments, and this is even higher (92%) for the most privacy-mature organisations.

In 2023, the largest organisations (10 000+ employees) increased their privacy spending by seven to eight percent since last year. However, smaller organisations saw lower investment. For example, businesses with 50-249 employees decreased their privacy investment by a fourth, on average.

See the key points of the study in this Infographic.


News summary

• The Cisco 2024 Data Privacy Benchmark Study reveals that most organisations are limiting the use of Generative AI (GenAI) over data privacy and security issues. 27% had banned its use, at least temporarily.

• 48% admit entering non-public company information into GenAI tools.

• 91% of businesses recognise they need to do more to reassure customers that their data is used for intended and legitimate purposes in AI.

• 98% said that external privacy certifications are an important factor in their buying decisions, the highest level in years.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The human factor side of video management systems
Leaderware Editor's Choice Surveillance Risk Management & Resilience
A video management system (VMS) is central to, and the most vital element to any control room operation using CCTV as part of its service delivery, however, all too often, it is seen as a technical solution rather than an operational solution.

Read more...
Get the basics right to win more business
ServCraft Editor's Choice Risk Management & Resilience
The barriers to entry in security are not high. More people are adding CCTV and fencing to their repertoire every year. Cowboys will not last long in a space where customers trust you with their safety.

Read more...
South Africa shows a 1200% increase in deepfake fraud
News & Events Risk Management & Resilience
Sumsub released its third annual Identity Fraud Report of the year, analysing identity fraud across industries and regions based on millions of verification checks across 28 industries and over 2 million fraud cases.

Read more...
Protecting organisations against fraud losses caused by ghost employees
Risk Management & Resilience
Several key South African organisations are potentially incurring significant losses due to 'ghosts’; ghost employees who exist on paper within business or government departments, but not in real life.

Read more...
How hackers exploit our vulnerabilities
Information Security Risk Management & Resilience
Distractions, multi-tasking, and emotional responses increase individuals’ vulnerability to social engineering, manipulation, and various forms of digital attacks; 74% of all data breaches included a human element.

Read more...
The illusion of good intentions
Risk Management & Resilience
The psychology of cyber criminals continues to be an intriguing aspect of discussions surrounding cybercrime. What cybercriminals do, particularly with ransomware, is neutralising perceptions of what they are doing by using business terminology.

Read more...
Rapid rise in DNS attacks drives demand for new approach
Infrastructure Risk Management & Resilience
As ransomware grows more sophisticated and DNS attacks become more frequent, businesses are increasingly trying to protect themselves by adopting innovative approaches and technologies to bolster the integrity and security of their backup systems.

Read more...
South Africans play a role in becoming scam victims
Editor's Choice Risk Management & Resilience
The South African fraud landscape is becoming increasingly risky as fraudsters and scammers look to target individuals with highly sophisticated scams, in an environment where it is becoming increasingly difficult for lawmakers and authorities to bring these criminals to justice.

Read more...
Cyber threat anticipation
NEC XON Information Security Risk Management & Resilience
The ever-increasing number of sophisticated attacks on the horizon means organisations must evolve and adapt their cybersecurity strategies to protect their data, systems, and reputation.

Read more...
Service orientation and attention to detail
Technews Publishing Editor's Choice Risk Management & Resilience
Lianne Mc Hendry evolved from working for an accounting firm to an accomplished all-rounder familiar with the manufacturing, distribution, and system integration aspects of the security industry value chain.

Read more...