Page 1

PRIVACY & INFORMATION SECURITY Business enabler or innovation barrier?

November 2019


A TICKET TO TRADE. UNLESS YOU CAN SEE IT’S A MARKET DRIVER.

Strategic role of data protection is yet unclear for many companies. The key motivation factors for personal data protection: Compliance with laws and regulations

81%

Safeguarding privacy of individuals

39%

Compliance with internal policies

ďŹ nd it highly relevant for their business strategy

However Business enabler

75%

61%

28%

The survey involved 1,300 professionals worldwide in companies in the primary, secondary and tertiary sectors.


PERSONAL DATA

Handling entails risks for companies. The human factors worry companies more than external threats. They see high risk areas: Especially when it is customers’ data 46%

31%

29%

Customers

Business partners

End users/ consumers

27%

22%

17%

Employees and their families

Suppliers

External consultants

Lack of legal competence

Linked to human factors

Lack of employees awareness Lack of management awareness Human error

Linked to technology

InsufďŹ cient IT security

24% 22% 20% 20%

19%


INVESTMENT PRIORITIES

After years of focus on infrastructure, the human factor is part of the picture. Companies mainly invest in:

LEADERS

IT security enhancement

49%

50%

Training/awareness for staff

43%

50%

Risk assessment

38%

47%


LEADERS DO BENEFIT

They face fewer difďŹ culties and can seize competitive advantages.

40%

struggle to know where to focus their efforts to be compliant LEADERS

18%

34%

feel a lack of support and regulatory guidance

17%

51%

consider personal data management as a competitive advantage

62%


NEW TECHNOLOGIES AND REGULATIONS: VALUE OR COMPLICATION?

Many companies are still unsure of the impact.

17%

15%

34%

see beneďŹ ts

see threats

30% New digital technologies

do not see regulations as an obstacle to innovation projects

30%


MANAGING DATA PROTECTION

Leading companies are still few, but investments expected to increase.

TODAY

8% few companies see themselves as leading

2 YEARS FROM NOW

21%

with more aspiring to become leading

77%

expect to maintain or increase investments in privacy management in the next 12 months

93% LEADERS


ISO/IEC 27001

Certification is a valid support for data protection. The benefits from ISO/IEC 27001 match the most pressing privacy risks: Commitment by management

83%

of certified companies were greatly supported by their ISO/IEC 27001 management system

Linked to human factors

Ability to meet stakeholder’s requirements

Employeee engagement

Linked to technology

Implementing appropriate technical and organizational security measures

51% 50% 44%

46%


LEADERS' FEATURES

Personal data protection is key to their business strategies.

Beyond mere compliance, they are also motivated by market drivers.

Leaders know where to focus their efforts and manage regulations.

Privacy is managed through deďŹ ned company roles and responsibilities.

Will continue to make investments for data protection.

Leaders see beneďŹ ts from new digital technologies.

Consider ISO/IEC 27001 as a valuable support for managing personal data.

Privacy regulation is not perceived as a limit to innovative projects.

Profile for DNV AS

2019 Privacy and Information Security  

2019 Privacy and Information Security  

Profile for dnvgl

Recommendations could not be loaded

Recommendations could not be loaded

Recommendations could not be loaded

Recommendations could not be loaded