Data privacy concerns are causing significant sales cycle delays for up to 65% of businesses worldwide, according to the findings in the new Cisco 2018 Privacy Maturity Benchmark Study.
In addition, the study shows that privacy maturity is connected to lower losses from cyberevents - 74% of privacy-immature organisations experienced losses of more than $500,000 last year caused by data breaches, compared with only 39% of privacy-mature organisations.
Privacy maturity is a framework defined by the American Institute of Certified Public Accountants (AICPA) and is based on Generally Accepted Privacy Principles (GAPP).
The study surveyed nearly 3,000 global security professionals in 25 countries regarding their privacy maturity and any effects of data privacy on their business. A surprising two-thirds of respondents indicated that data privacy was causing delays in their sales cycles, with an average estimated delay of 7.8 weeks.
The pending May 2018 enforcement of the General Data Protection Regulation (GDPR), the new law enacted to increase protections of European Union (EU) citizens' privacy and personal data, might also be a factor in these delays.
Customers are increasingly concerned that products and services they buy provide appropriate privacy protections. GDPR's provisions apply to any company that processes, stores, or uses this data.
Respondents were asked to assess their current privacy maturity level, according to the standard AICPA model, which defines five privacy maturity levels: ad hoc, repeatable, defined, managed, and optimised.
The study found that the average sales delay for those with ad hoc maturity was 16.8 weeks, but delays decreased for businesses with higher privacy maturity levels.
Businesses with optimised privacy processes reported 3.4 weeks of sales delay, which is an 80 percent reduction compared to ad hoc organisations.
Geography and industry also appear to play a significant role in the length of delay, said Cisco.