In the wake of rising privacy and data security concerns, more than one in four organisations have banned the use of Generative AI (GenAI), according to the latest Data Privacy Benchmark Study by Cisco.

The annual review, which gathered insights from 2,600 privacy and security professionals across 12 geographies, underscores the mounting challenges and the strategic importance of investment in privacy and security.

Escalating Privacy Concerns with GenAI

Generative AI, seen as a transformative yet complex technology, is prompting organisations to rethink their data management strategies. Cisco’s Chief Legal Officer, Dev Stahlkopf, points to the key stat that over 90% of respondents believe GenAI necessitates new approaches to mitigate data and risk. 

But more broadly, the study shows how businesses are mainly concerned with threats to legal and intellectual property rights, and the risk of sensitive information being disclosed publicly or to competitors.

To counter these risks, companies are implementing various controls: most have set data entry limitations, 61% restrict the use of specific GenAI tools, and fewer than one third of those surveyed have banned GenAI applications altogether. 

Despite these measures, there are notable instances where problematic information, such as employee details or non-public company information has been entered into GenAI systems.

Transparency and Trust: The Ongoing Struggle

While consumers are increasingly anxious about how AI uses their data, the Cisco study reveals that just 9% of organisations feel they have done enough to address concerns.

The gap between organisational priorities and consumer expectations remains stark – consumers prioritise clear communication on data usage and protection against data being sold for marketing. In contrast, a quarter of organisations are focusing more on regulatory compliance and just over a fifth are occupied with avoiding data breaches.

The call for greater transparency is evident, especially with AI applications where algorithmic decisions are often opaque. Bridging this gap could significantly enhance consumer trust.

The Role of External Certifications and Privacy Laws

The study also shows a strong link between privacy certifications and consumer trust, with 98% of respondents considering these certifications crucial in their purchasing decisions. Cisco’s Vice President and Chief Privacy Officer, Harvey Jang, emphasises that customers are increasingly demanding proof of data protection, with 94% indicating they would not engage with companies failing to safeguard their data.

Privacy laws, while imposing costs and compliance requirements, are viewed positively by 80% of respondents, who believe these regulations bolster consumer confidence and trust. Interestingly, many organisations also support data localisation, with 91% asserting that local data storage enhances security, although 86% acknowledge that global providers can offer superior protection at scale.

Know the risks

As privacy concerns with AI continue to grow, it is clear that organisations must prioritise transparency and robust privacy practices to maintain consumer trust and leverage AI responsibly. It’s an approach that will mitigate risk while fostering consumer loyalty and confidence in the digital age.

The issues are examined in depth this October at #RISK London, where industry leaders explore the importance of ethical responsibility and user-centric practices in data processing standards in the AI era.

#RISK London 2024

We’re excited to share that #RISK is back in London for its third consecutive year, ready to equip attendees like you with the knowledge, insights, and connections crucial for navigating today’s dynamic risk landscape.

#RISK London 2024, ExCel

#RISK London 2024, 9-10 October, ExCel - GRC. AI. Privacy. Security. RegTech

Key #RISK London sessions include:

Beyond Compliance: Building a Culture of Privacy by Design

Location: PrivSec Theatre

This session will delve into the concept of “Privacy by Design,” a proactive approach that integrates privacy considerations into every stage of product development and data processing.

Experts will explore strategies for fostering a culture of privacy within organisations, from employee awareness training to implementing data minimisation practices.

The Evolving Regulatory Landscape: Staying Compliant in a Complex World

Location: Risk Theatre

This session provides insights into the rapidly evolving regulatory landscape impacting risk management practices.

Experts will discuss regulations like GDPR, CCPA, and DORA, outlining their implications for businesses and providing strategies for achieving compliance.

These are just two of the exclusive sessions taking place at #RISK London this October

Click here to see the full agenda

Discover more at #RISK London

Taking place October 9 and 10 at London’s ExCel, #RISK London brings high-profile subject-matter experts together for a series of keynotes, engaging panel debates and presentations across four separate theatres:

• GRC Theatre

• RegTech Theatre

• PrivSec Theatre

• Risk Theatre 

Each theatre is dedicated to examining the challenges and opportunities that businesses face in times of unprecedented change.

By breaking down silos and aligning systems and workflows, organisations can streamline decision-making, improve efficiencies, and enhance the customer experience.

Attendees will be able to learn how to mitigate risks, reduce compliance breaches, and drive performance.

“#RISK is such an important event as it looks at the broad perspective. Risks are now more interconnected and the risk environment is bigger than ever before.”Michael Rasmussen, GRC Analyst & Pundit, GRC 20/20 Research

Click here to register for #RISK London today!

Risk London 2024 Logo-Updated