Brands Still Have More To Do On Data Privacy

GLOBAL: Businesses around the world are not doing enough to implement data-use governance practices or develop overall information security strategies, according to a new survey of 9,500 senior executives.

Globally, only half (51%) of executives report having an accurate inventory of customer and employee personal data, while just 53% require employees to complete training on privacy policy and practices.

And when it comes to third parties who handle the personal data of customers and employees, less than half (46%) conduct compliance audits to ensure they have the capacity to protect such information.

These are some of the headline findings from the 2018 Global State of Information Security Survey (GSISS), an ongoing study conducted by PwC, the professional services firm.

PwC questioned 9,500 senior executives from 122 countries about their data privacy and security arrangements, with the poll slanted towards respondents from North America (38%), Europe (29%) and Asia Pacific (18%).

It found that businesses in North America and Asia (59% each) are typically ahead of those in Europe (52%) and the Middle East (31%) when it comes to developing an overall information security strategy.

Companies in North America (58%) and Asia (57%) are also significantly ahead of their counterparts in Europe (47%) and the Middle East (29%) in terms of staff training about privacy, as well as on developing an accurate inventory of personal data.

PwC said it expects improvements in authentication technology, including biometrics and encryption, to increasingly help business leaders build trusted networks.

Especially as half of respondents say the use of advanced authentication has improved customer and business partner confidence in the organisation’s information security and privacy capabilities.

In addition, around half (48%) say advanced authentication has helped reduce fraud and 41% say it has improved the customer experience.

However, Sean Joyce, PwC’s US cybersecurity and privacy leader, warned there are still too few companies that are building cyber and privacy risk management into their digital transformation practices.

“Understanding the most common risks, including lack of awareness about data collection and retention activities, is a starting point for developing a data-use governance framework,” he said.

PwC’s findings are released just a couple of months before the European Union’s General Data Protection Regulation (GDPR) comes into force on 25th May.

With the deadline fast-approaching, IAB Europe has also released draft specifications for a Transparency and Consent Framework and has invited public comment on the proposals.

Describing the framework as a non-commercial, open source initiative, IAB Europe said it represents a cross-industry effort to help publishers, technology vendors, agencies and advertisers to meet the transparency and user-choice requirements of the GDPR before the regulation comes into effect.

Sourced from PwC, IAB Europe; additional content by WARC staff

Source :

Brands still have more to do on data privacy
Weighing Privacy vs. Security for the Internet's Address Book
Think Tank: Consumer Data, Stranger, Danger and the Dark Web
GDPR Compliance Requires Looking at the Big Customer Data Picture
Adobe Survey: What Matters The Most For Data Management Platform Users
What Do Modern B2B Customers Want? It's More Complex Than You Think
Forrester Says Only 15% of B-to-B Marketers Are Fully Compliant With GDPR
Facebook critics want regulation, investigation after data misuse
Big Data, Big Ideas: Verve Execs Forecast Location’s Impact On ‘Smart Packaging,’ Connected Cars, Beacons
Information request highlights Frederick's failure to comply with own minority business plan