SlideShare a Scribd company logo

Edelman Privacy Risk Index

Edelman Japan
Edelman Japan

The Edelman Privacy Risk Index reveals that privacy risks are at an all-time high for businesses. It identifies key drivers of privacy risk, such as a company's industry, geographic footprint, and the type of information collected. Fewer than half of surveyed companies effectively manage privacy practices around communications, business operations, and data protection. This leaves many businesses highly susceptible to privacy incidents with potential regulatory, financial, and reputational consequences. The report introduces the Edelman Privacy Risk Index tool to help companies assess and prioritize their privacy risks.

1 of 43
EDELMAN PRIVACY RISK INDEX POWERED BY PONEMON Edelman GCRM Program | 1
BUSINESS LEFT VULNERABLE TO PRIVACY RISK Privacy risks can have a substantial impact on business operations and corporate reputation. Edelman’s privacy research shows, for the Companies face increasing regulation and first time, the main drivers of privacy risk. potential fines for the misuse and loss of The survey reveals: sensitive information. If the regulatory pressure wasn’t enough, not a week goes by without a Privacy risks are at an all time high, presenting company or an entire industry in the news for an a significant challenge for businesses. alleged privacy violation causing significant harm to corporate reputation. Businesses are struggling to manage the privacy practices that most contribute to risk. Managing data security and privacy effectively is essential to businesses today. The growing Operating globally and in financial services volume and sensitivity of information being and health industries significantly contributes shared, stored and used is driving demand for to risk. greater transparency about how it is being managed and protected.
PRIVACY RISK AT AN ALL TIME HIGH Edelman GCRM Program | 3
THE CONSEQUENCES OF PRIVACY RISK The costs are high. Businesses are losing customers and money, reputations suffer. As a result, the license to operate hangs in the balance. CUSTOMERS CORPORATE REPUTATION MONEY BUSINESS DISRUPTION Edelman GCRM Program | 4
DRIVERS OF PRIVACY RISK AND LIABILITY CONSUMER CONCERN REGULATORY ENFORCEMENT Three quarters of consumers will stop using an online FTC levels $22.5 million for privacy violation shop if information was accessed without permission New proposed EU legislation may include fines up to 2% of annual turnover Less than half of consumers trust healthcare organizations to protect info Edelman DSP Group Study LITIGATION MEDIA SCRUTINY Average settlement $2,500 per plaintiff, and mean attorneys’ fees of $1.2 million Temple University Beasley School of Law Edelman GCRM Program | 5
INTRODUCING THE EDELMAN PRIVACY RISK INDEX The Edelman Privacy Risk Index (ePRI) is a global benchmarking study and tool that measures the top drivers of privacy risk for businesses. The ePRI explores how companies are managing privacy risk caused by business practices and operations. • Based on analysis of research from the Ponemon Institute over the last three years • Analysis of 6,400 individual responses by risk managers, privacy professionals and IT Pros • 29 countries included in benchmarking and tools • The research serves as the baseline for an online tool that allows companies to access their privacy risk against the benchmark • Indented to be directional NOT diagnostic
ELEMENTS OF PRIVACY RISK The Edelman Privacy Risk Index reveals a lack of preparedness in managing the potential financial and reputational damage relating to the loss or misuse of personal information. Our survey found companies face significant risk due to its business profiles and failing to implement strong privacy practices. BUSINESS PRIVACY PROFILE: PRACTICES: WHAT DEFINES HOW YOU Overall YOUR BUSINESS OPERATE RISK
WHAT DEFINES YOUR BUSINESS
BUSINESS PROFILE Companies must understand how their business profile contributes to their privacy risk. Those operating in high risk environments are particularly vulnerable to incidents if they don’t properly manage privacy practices. Industry Headcount/ Geography Size RISK Info Collected/ Managed Footprint
BUSINESS PROFILE RISK AT A GLANCE Geography Footprint Industry Headcount/ Info Collected Size HIGHEST RISK HIGHEST RISK HIGHEST RISK HIGHEST RISK HIGHEST RISK • Belgium • Global and Super • Financial • Small- and • Sensitive • Italy Regional Services Medium-sized Customer • Spain • Health/Pharma Businesses Information • Communications LOWEST RISK LOWEST RISK LOWEST RISK LOWER RISK LOWER RISK • China • Local • Industrial • Enterprise • Only Employee • India Automotive • Brazil • Manufacturing See appendix for full findings
COMPANIES HAVE DIFFERENT STARTING RISKS Companies in different industries, markets and sizes have different starting points for operational risk. It’s essential that businesses understand where they stand and take action if they are at high risk. Company w/ Low Company w/ High Operational Risk Operational Risk VS. Brazil Italy Manufacturing Health Local Global Large enterprise SMB Collects employee info Collects health and sensitive customer information
PRIVACY PRACTICES
PRACTICES THAT DETERMINE RISK The ePRI identified three pillars and twelve practices that are key indicators of businesses’ ability to mitigate risk of a data breach, privacy lawsuit or regulatory action. • My organization is transparent about what it does with employee and customer information. My organization is quick to respond to privacy complaints or questions from customers and regulators. Communications • My organization makes a substantial effort to educate employees about privacy and data security. & Engagement • Employees in my organization understand the importance of privacy and how to protect personal and/or sensitive information. • My organization considers privacy and the protection of personal information a corporate priority. • A high-level executive leads my organization's privacy program and is empowered to make decisions. • My organization understands global privacy cultural differences. Business • My organization strictly enforces all levels of non-compliance with laws and regulations. Operations • My organization believes a data breach would adversely affect our reputation and financial position. • My organization has ample resources to protect employee and customer information. • My organization is able to prevent and quickly detect the theft or misuse of personal information. Data Protection • My organization has the expertise and technology to protect personal information.
BUSINESSES FALLING SHORT Fewer than half of those surveyed agreed they effectively manage risk, leaving them highly susceptible (or exposed) to a privacy incident. They are failing to: • Make privacy a priority and devote resources • Engage their employees • Embrace transparency • Manage regulatory concerns
COMPANIES LACK RESOURCES AND EXPERTISE • My organization has the expertise and technology to protect personal information. Strongly Disagree Strongly Disagree 12% Strongly Agree 14% Strongly Agree 16% 15% COMPANIES AT RISK Disagree Agree Disagree 25% Agree 17% 26% 23% 67% 62% Don't Know Don't Know 30% 22% • My organization has ample resources to protect employee and customer information. Strongly Disagree Strongly Disagree 3% 11% Strongly Agree Strongly Agree COMPANIES AT RISK Disagree 16% 22% 20% Disagree 21% Agree Agree 59% 19% 29% Don't Know Don't Know 55% 36% 23%
COMPANIES FAIL TO PRIORITIZE • My organization considers privacy and the protection of personal information a corporate priority. Strongly Disagree Strongly Disagree 7% Strongly Agree 14% Strongly Agree 15% 15% COMPANIES AT RISK Disagree 20% Disagree 14% Agree 21% Agree 25% 64% 59% Don't Know Don't Know 37% 31% • My organization believes a data breach would adversely affect our reputation and financial position. Strongly Disagree Strongly Disagree 6% Strongly Agree 10% Strongly Agree Disagree 18% COMPANIES AT RISK 19% 14% Disagree 17% Agree Agree 56% 25% 31% Don't Know Don't Know 51% 36% 24%
COMPANIES FAIL TO ENGAGE EMPLOYEES Privacy incidents often originate when employees improperly use or accidently expose information. The ePRI found a majority of companies fail to address the potential risk presented by poor employee education. • Employees in my organization understand the importance of privacy and how to protect personal and/or sensitive information. Strongly Disagree Strongly Disagree 6% Strongly Agree 17% Strongly Agree 16% 15% COMPANIES AT RISK Disagree 23% Agree Disagree Agree 20% 24% 25% 64% 60% Don't Know Don't Know 35% 20% • My organization makes a substantial effort to educate employees about privacy and data security. Strongly Disagree Strongly Disagree 10% Strongly Agree 17% Strongly Agree 15% 14% COMPANIES AT RISK Disagree Agree 25% Agree 16% Disagree 21% 69% 24% 65% Don't Know Don't Know 35% 23%
COMPANIES ARE NOT TRANSPARENT OR RESPONSIVE Despite new laws around the world calling for greater notice and consent before collecting consumer information and increased media scrutiny, companies struggle to be transparent and respond to complaints. • My organization is transparent about what it does with employee and customer information. Strongly Disagree Strongly Disagree 5% Strongly Agree 6% Strongly Agree 18% 16% COMPANIES AT RISK Disagree Disagree 24% 30% Agree Agree 60% 22% 28% Don't Know 56% Don't Know 26% 25% My organization is quick to respond to privacy complaints or questions from customers and regulators. Strongly Disagree Strongly Disagree 11% Strongly Agree 11% Strongly Agree 15% COMPANIES AT RISK 18% Disagree 23% Agree Disagree 19% 29% Agree 65% 21% 61% Don't Know Don't Know 31% 21%
COMPANIES ARE LAX ON REGULATORY COMPLIANCE Many companies struggle to comply with increasingly evolving regulatory requirements around the globe. • My organization strictly enforces all levels of non-compliance with laws and regulations. Strongly Disagree Strongly Disagree 13% Strongly Agree 16% Strongly Agree 18% 17% COMPANIES AT RISK Disagree 20% Agree Disagree Agree 17% 23% 23% 65% Don't Know Don't Know 61% 31% 22% • My organization understands global privacy cultural differences. Strongly Disagree Strongly Disagree 5% Strongly Agree 16% Strongly Agree 16% 14% COMPANIES AT RISK Disagree 29% Agree Disagree Agree 18% 24% 25% 66% 61% Don't Know Don't Know 32% 22%
MANAGING PRIVACY RISK
WHERE TO START 1 UNDERSTAND: Use the ePRI tool to better understand your company’s privacy risk. Share results with key stakeholders in legal, communications and technology to get consensus of risk. 2 PRIORITIZE: Armed with understanding, an enterprise now has a powerful directional lens to evaluate its privacy program. Smart organizations will prioritize the weakest elements of their privacy DNA (under- performing practices) with consideration for their potential impact on enterprise effectiveness. 3 ACTIVATE: Work cross-company on programs to improve at-risk privacy practices. Consider how communications, legal/risk and technology leaders can collaborate on solutions.
UNDERSTAND YOUR RISK: ePRI TOOL Leverage the ePRI Tool to better understand your risk and how your practices relate to the benchmark.
PRIORITZE: RISKY PRACTICES My organization considers privacy and the protection of personal information a corporate priority. Priority #1 Determine and explore deficient My organization has the expertise and technology to protect personal information privacy practices Priority #2 most contributing to corporate risk My organization is transparent about what it does with employee and customer information. My organization is quick to respond to consumers’ and regulators’ privacy complaints Priority #3
ACTIVATE CROSS-ORGANIZATION PRIVACY TEAM BUSINESS: Proper collection, use and storage of information. Embrace Privacy by Design Invest in privacy LEGAL/GOV AFFAIRS: Compliance with local laws practices and in all the geographies of operation programing to improve INFORMATION TECHNOLOGY: Technology systems to prevent and recover from a data incident performance COMMUNICATIONS: Employee engagement, stakeholder engagement, data breach communications
FIRST STEP: CONVENE PRIVACY WORKSHOP WITH EDELMAN OUTCOMES Customized Edelman and our Privacy Risk Privacy partners can meet with Snapshot Program you to help explore and Roadmaps prioritize areas of privacy risk Internal Privacy Integration Playbooks
EDELMAN SERVICES EDELMAN AND OUR PRIVACY PARTNERS CAN HELP WITH SYSTEMS INTEGRATION COMMUNICATIONS AUDIT POLICY/LEGAL Security and privacy Reputation and Policy analysis and message development communications audit navigation Internal communications Privacy risk assessment Active regulatory and and employee engagement policymaker engagement Communications team integration Litigation communications Influencer and competitive mapping Customer and market Influence policy outcomes research Privacy and security Coalition building and response management Crisis protocols grassroots support Data breach training and simulations Thought leadership and executive positioning
CONTACT WEB: Datasecurity.edelman.com Edelman.com/expertise/practices/data security & privacy TWITTER: @EdelmanDSP CONTACT: Tomoko Akizawa, Director, Technology Practice, Edelman Japan Tomoko.Akizawa@edelman.com
APPENDIX I LANDSCAPE RESEARCH
GAP IN CONSUMER TRUST Our survey, Privacy & Security: The New Drivers of Brand, Reputation and Action, shows a significant gap between the importance of privacy to consumers and the amount they trust companies to protect it. 92% Importance of privacy and security in each industry (global) 84% Trust in each industry to protect personal information (global) 78% 77% 69% 69% 63% 51% 50% 50% 48% 43% 37% 33% 27% 23% 12% 12% 11% 9% 6% Finance Online Medical & Government Social Technology News & Media Automotive Food & Gaming Utilities* Shopping & Healthcare Networking Grocery Retail Q7. How important is your privacy and security when doing business with the following industries? *NOTE: Utilities not included as a response code Q8. Which industry do you trust most to adequately protect your personal information? Please select the top three industries. Edelman GCRM Program | 30
CONSUMERS ATTRITION DUE TO PRIVACY Consumers will leave services if personal information was accessed without permission. Costing negligent companies a significant in potential business. Consumers Likely to Switch Providers or Stop Using Services Entirely if Personal Information was Accessed Without Permission (Global) 80% 79% 77% 75% 75% 67% 67% 65% 63% 59% 55% 55% 54% 50% Base: All respondents (Global n=4,050) Q9. For the following types of companies, if your personal information was accessed without your permission, how likely would you be to switch to a different provider or stop using these services entirely, if they did have personal information on you? Please use a scale of 1-5, where 1 is “not at all likely” and 5 is “very likely.”
REGULATORY ACTION IN UNITED STATES All Federal agencies with jurisdiction over privacy are significantly increasing enforcement and rhetoric about privacy violations by companies. Google pays $22.5 million to settle FTC charges it misrepresented privacy assurances. BlueCross BlueShield of Tennessee (BCBST) fined $1.5 million for 2009 data breach. SEC requires publicly traded companies to disclose data breaches citing the issue is a substantial business risk.
A NEW REGIME IN THE EU EU institutions are currently discussing far-ranging proposals to modify and substantially overhaul the Union’s patchwork of 27 data protection regimes to create a new, single Europe-wide regime. If approved in the current format, the new regime would radically change the obligations of data controllers, strengthen competences of Data Protection Authorities (DPAs) and increase the rights of individuals. The current regulation draft foresees fines for non-compliance of up to 2% of annual turnover. The impact of this would be global.
ASIA NOT FAR BEHIND Many countries in Asia are creating new privacy laws similar to those in place in Europe and United States, imposing fines for data breaches and more stringent privacy standards. India: Passed Information Technology Rules (2011) Singapore: Personal Data Protection Act (2012) Hong Kong: Amended Personal Data Ordinance (2012) APEC Region: APEC Privacy Framework
LITIGATION ON THE RISE “NebuAd Settles Lawsuit Over Behavioral “Lawsuit Claims Microsoft, McDonald’s, Targeting Test – MediaPost Mazda & CBS Used Ads as Cover for Data Mining” – Network World Average settlement $2,500 per plaintiff, and mean attorneys’ fees of $1.2 million – Temple University Beasley School of Law “Facebook sued for $15 billion over alleged privacy infractions” – CNET
CRITICAL MEDIA Companies face an increasingly critical and vocal media environment, creating a significant potential for reputational damage. GM's Boneheaded Security Tops Privacy Mistake With Boardroom OnStar Agendas Facebook Complies with EU Data Protection Law, Apple moves to quell Dumps Facial Path privacy gaffe Recognition Privacy Concerns Affect Purchase Questions for Amazon on Decisions Privacy and the Kindle Fire
APPENDIX II EDELMAN PRIVACY RISK INDEX
BY GEOGRAPHY The ePRI found operating in Europe presents the most privacy risk, likely due recent policy developments and a significant cultural expectation of privacy. 50.9 58.7 NORTH EUROPE AMERICA 41.1 MIDDLE EAST 42.7 ASIA- PACIFIC 40.2 LATIN AMERICA
RISK IN SPECIFIC MARKETS There are significant differences between the most and least risky countries. The eleven countries with the highest privacy risk are located in the European Union with many developing nations presenting lower risk. Belgium 68.6 Italy 65.2 Netherlands 64.1 Spain 62.5 France 59.2 Germany 59.1 Sweden 58.7 Poland 56.5 Denmark 56.3 Norway 55.0 Ireland 54.8 New Zealand 54.7 Australia 54.2 Canada 53.8 Argentina 53.3 United Kingdom 53.0 Russian Federation 50.4 Hong Kong 50.0 United States 48.1 Japan 43.2 Israel 42.2 United Arab Emirates 41.2 Saudi Arabia 39.7 Singapore 38.7 Mexico 37.9 Korea 37.2 China (PRC) 32.0 India 31.3 Brazil 29.3 - 10.0 20.0 30.0 40.0 50.0 60.0 70.0 80.0
CORPORATE FOOTPRINT INTRODUCES RISK Adding significant complexity to geographic concerns is the risk presented by operating in multiple markets. Local 80.0 The company primarily operates in one country 70.0 66.8 58.3 Regional 60.0 The company operates in two or more countries primarily 50.0 in one region 39.0 40.0 36.0 Super regional 30.0 The company operates in multiple countries in two or 20.0 more regions 10.0 Global - The company operates in all regions around the world Local Regional Super regional Global
INDUSTRY BENCHMARK DRIVEN BY DATA Industries that collect the most sensitive information about customers present the most significant privacy risk. There is a significant drop off in privacy risk for organizations that don’t collect significant amounts of information online. Financial services 79.3 Health & pharma 78.3 Communications 66.0 Airlines 62.8 Professional services 61.0 Public sector 58.8 Education & research 56.5 Transportation 56.3 Hospitality 55.0 Energy & utilities 55.0 Technology & software 53.8 Retail (Internet) 52.0 Retail (conventional) 44.5 Consumer products 44.3 Services 39.5 Entertainment & media 32.8 Agriculture 32.3 Industrial 27.5 Automotive 24.0 Manufacturing 20.8 - 10.0 20.0 30.0 40.0 50.0 60.0 70.0 80.0 90.0
BY COMPANY SIZE Smaller organizations have substantially higher privacy risk than larger organizations. This can potentially be explained by larger organizations typically having more resources to devote to managing privacy risk. However, large organizations still face risks, often due to having a significant amounts of information and increased regulatory attention. 501 to 1,000 59.5 Less than 500 57.5 1.001 to 5,000 50.3 5,001 to 10,000 46.5 More than 75,000 45.8 25,001 to 75,000 45.8 10,001 to 25,000 44.8 - 10.0 20.0 30.0 40.0 50.0 60.0 70.0
BY INFORMATION COLLECTED The volume and sensitivity of data collected significantly influences privacy risk. Types of personal information stored:  Customer with PII  Customer without PII  Employee  Consumer (targeted customer)  Citizen (government use)  Patient (health records)  Student  Shareholder/investor

Recommended

Edelman Privacy Risk Index 2012
Edelman Privacy Risk Index 2012Edelman Privacy Risk Index 2012
Edelman Privacy Risk Index 2012Edelman.ergo GmbH
 
Riskpro information risk management 2013
Riskpro information risk management 2013Riskpro information risk management 2013
Riskpro information risk management 2013Rahul Bhan (CA, CIA, MBA)
 
Riskpro brief introduction
Riskpro brief introductionRiskpro brief introduction
Riskpro brief introductionRahul Bhan (CA, CIA, MBA)
 
Riskpro Introduction
Riskpro IntroductionRiskpro Introduction
Riskpro IntroductionManoj Jain
 
Riskpro Information Risk Management
Riskpro Information Risk ManagementRiskpro Information Risk Management
Riskpro Information Risk ManagementRahul Bhan (CA, CIA, MBA)
 
Riskpro information risk management
Riskpro information risk managementRiskpro information risk management
Riskpro information risk managementRahul Bhan (CA, CIA, MBA)
 
White paper top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small businessWhite paper top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small businessReadWrite
 
Riskpro Information Risk Management
Riskpro Information Risk ManagementRiskpro Information Risk Management
Riskpro Information Risk ManagementRahul Bhan (CA, CIA, MBA)
 

Recommended

Edelman Privacy Risk Index 2012
Edelman Privacy Risk Index 2012Edelman Privacy Risk Index 2012
Edelman Privacy Risk Index 2012Edelman.ergo GmbH
 
Riskpro information risk management 2013
Riskpro information risk management 2013Riskpro information risk management 2013
Riskpro information risk management 2013Rahul Bhan (CA, CIA, MBA)
 
Riskpro brief introduction
Riskpro brief introductionRiskpro brief introduction
Riskpro brief introductionRahul Bhan (CA, CIA, MBA)
 
Riskpro Introduction
Riskpro IntroductionRiskpro Introduction
Riskpro IntroductionManoj Jain
 
Riskpro Information Risk Management
Riskpro Information Risk ManagementRiskpro Information Risk Management
Riskpro Information Risk ManagementRahul Bhan (CA, CIA, MBA)
 
Riskpro information risk management
Riskpro information risk managementRiskpro information risk management
Riskpro information risk managementRahul Bhan (CA, CIA, MBA)
 
White paper top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small businessWhite paper top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small businessReadWrite
 
Riskpro Information Risk Management
Riskpro Information Risk ManagementRiskpro Information Risk Management
Riskpro Information Risk ManagementRahul Bhan (CA, CIA, MBA)
 
Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...David Cunningham
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational riskDiane Christina
 
Riskpro construction industry 2013
Riskpro construction industry 2013Riskpro construction industry 2013
Riskpro construction industry 2013Rahul Bhan (CA, CIA, MBA)
 
Riskpro Information Risk Management
Riskpro Information Risk ManagementRiskpro Information Risk Management
Riskpro Information Risk ManagementManoj Jain
 
People risk collateral 2013
People risk collateral 2013People risk collateral 2013
People risk collateral 2013Rahul Bhan (CA, CIA, MBA)
 
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...GFI Software
 
Reputational Risk
Reputational RiskReputational Risk
Reputational RiskIBMGovernmentCA
 
Riskpro Construction Industry
Riskpro Construction IndustryRiskpro Construction Industry
Riskpro Construction IndustryRahul Bhan (CA, CIA, MBA)
 
Riskpro construction industry 2013
Riskpro construction industry 2013Riskpro construction industry 2013
Riskpro construction industry 2013Rahul Bhan (CA, CIA, MBA)
 
Executive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarExecutive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarFERMA
 
Managing Cyber Risk: Are Companies Safeguarding Their Assets?
Managing Cyber Risk: Are Companies Safeguarding Their Assets?Managing Cyber Risk: Are Companies Safeguarding Their Assets?
Managing Cyber Risk: Are Companies Safeguarding Their Assets?EMC
 
Riskpro construction industry
Riskpro construction industryRiskpro construction industry
Riskpro construction industryRahul Bhan (CA, CIA, MBA)
 
Regulation raises the risk for global subsidiaries
Regulation raises the risk for global subsidiariesRegulation raises the risk for global subsidiaries
Regulation raises the risk for global subsidiariesNair and Co.
 
The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008David Cunningham
 
Sophisticated Solutions to Complex Workplace Issues
Sophisticated Solutions to Complex Workplace IssuesSophisticated Solutions to Complex Workplace Issues
Sophisticated Solutions to Complex Workplace IssuesBusiness Controls, Inc.
 
An Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and ProductsAn Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and Productss0P5a41b
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015John Budriss
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015Capgemini
 
Strategia web demo
Strategia web demoStrategia web demo
Strategia web demoFabio Massimo Moreschini
 
Clipping 1 Alpen Park 2009
Clipping 1 Alpen Park 2009Clipping 1 Alpen Park 2009
Clipping 1 Alpen Park 2009Agência DUE
 
The Silver Fern Report - July 2010
The Silver Fern Report - July 2010The Silver Fern Report - July 2010
The Silver Fern Report - July 2010oparvez
 
2011 エデルマントラストバロメーター
2011 エデルマントラストバロメーター2011 エデルマントラストバロメーター
2011 エデルマントラストバロメーターEdelman Japan
 

More Related Content

What's hot

Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...David Cunningham
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational riskDiane Christina
 
Riskpro Information Risk Management
Riskpro Information Risk ManagementRiskpro Information Risk Management
Riskpro Information Risk ManagementManoj Jain
 
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...GFI Software
 
Executive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarExecutive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarFERMA
 
Managing Cyber Risk: Are Companies Safeguarding Their Assets?
Managing Cyber Risk: Are Companies Safeguarding Their Assets?Managing Cyber Risk: Are Companies Safeguarding Their Assets?
Managing Cyber Risk: Are Companies Safeguarding Their Assets?EMC
 
Regulation raises the risk for global subsidiaries
Regulation raises the risk for global subsidiariesRegulation raises the risk for global subsidiaries
Regulation raises the risk for global subsidiariesNair and Co.
 
The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008David Cunningham
 
Sophisticated Solutions to Complex Workplace Issues
Sophisticated Solutions to Complex Workplace IssuesSophisticated Solutions to Complex Workplace Issues
Sophisticated Solutions to Complex Workplace IssuesBusiness Controls, Inc.
 
An Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and ProductsAn Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and Productss0P5a41b
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015John Budriss
 

What's hot (17)

Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational risk
 
Riskpro construction industry 2013
Riskpro construction industry 2013Riskpro construction industry 2013
Riskpro construction industry 2013
 
Riskpro Information Risk Management
Riskpro Information Risk ManagementRiskpro Information Risk Management
Riskpro Information Risk Management
 
People risk collateral 2013
People risk collateral 2013People risk collateral 2013
People risk collateral 2013
 
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
 
Reputational Risk
Reputational RiskReputational Risk
Reputational Risk
 
Riskpro Construction Industry
Riskpro Construction IndustryRiskpro Construction Industry
Riskpro Construction Industry
 
Riskpro construction industry 2013
Riskpro construction industry 2013Riskpro construction industry 2013
Riskpro construction industry 2013
 
Executive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarExecutive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk Webinar
 
Managing Cyber Risk: Are Companies Safeguarding Their Assets?
Managing Cyber Risk: Are Companies Safeguarding Their Assets?Managing Cyber Risk: Are Companies Safeguarding Their Assets?
Managing Cyber Risk: Are Companies Safeguarding Their Assets?
 
Riskpro construction industry
Riskpro construction industryRiskpro construction industry
Riskpro construction industry
 
Regulation raises the risk for global subsidiaries
Regulation raises the risk for global subsidiariesRegulation raises the risk for global subsidiaries
Regulation raises the risk for global subsidiaries
 
The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008
 
Sophisticated Solutions to Complex Workplace Issues
Sophisticated Solutions to Complex Workplace IssuesSophisticated Solutions to Complex Workplace Issues
Sophisticated Solutions to Complex Workplace Issues
 
An Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and ProductsAn Industry Overview: Enterprise Risk Services and Products
An Industry Overview: Enterprise Risk Services and Products
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015
 

Viewers also liked

Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015Capgemini
 
Clipping 1 Alpen Park 2009
Clipping 1 Alpen Park 2009Clipping 1 Alpen Park 2009
Clipping 1 Alpen Park 2009Agência DUE
 
The Silver Fern Report - July 2010
The Silver Fern Report - July 2010The Silver Fern Report - July 2010
The Silver Fern Report - July 2010oparvez
 
2011 エデルマントラストバロメーター
2011 エデルマントラストバロメーター2011 エデルマントラストバロメーター
2011 エデルマントラストバロメーターEdelman Japan
 
General orientation Winter 2015
General orientation Winter 2015General orientation Winter 2015
General orientation Winter 2015Sarah Bosler
 
Famtour Vinícola Garibaldi 2008 e 2009
Famtour Vinícola Garibaldi 2008 e 2009Famtour Vinícola Garibaldi 2008 e 2009
Famtour Vinícola Garibaldi 2008 e 2009Agência DUE
 
Olivia Paige Hall Powerpoint
Olivia Paige Hall PowerpointOlivia Paige Hall Powerpoint
Olivia Paige Hall Powerpointguest29f65ff5
 
2011 エデルマン・ヘルスバロメーター
2011 エデルマン・ヘルスバロメーター2011 エデルマン・ヘルスバロメーター
2011 エデルマン・ヘルスバロメーターEdelman Japan
 
Evaluation Question 2 Joe
Evaluation Question 2 JoeEvaluation Question 2 Joe
Evaluation Question 2 Joejoe hudson
 
GTD - fem enkla steg för att underlätta din digitala vardag med Workingoodway...
GTD - fem enkla steg för att underlätta din digitala vardag med Workingoodway...GTD - fem enkla steg för att underlätta din digitala vardag med Workingoodway...
GTD - fem enkla steg för att underlätta din digitala vardag med Workingoodway...Anders Sporring
 
2012 Edelman Trust Barometer
2012 Edelman Trust Barometer2012 Edelman Trust Barometer
2012 Edelman Trust BarometerEdelman Japan
 
Presentatie social media: Kansen voor Horecaondernemers. De Lier, 6 juni 2011
Presentatie social media: Kansen voor Horecaondernemers. De Lier, 6 juni 2011Presentatie social media: Kansen voor Horecaondernemers. De Lier, 6 juni 2011
Presentatie social media: Kansen voor Horecaondernemers. De Lier, 6 juni 2011Al Sauerfield
 
brandshare Japan 2014
brandshare Japan 2014brandshare Japan 2014
brandshare Japan 2014Edelman Japan
 
The Silver Fern Report - June 2010
The Silver Fern Report - June 2010The Silver Fern Report - June 2010
The Silver Fern Report - June 2010oparvez
 
Get to know Kyle Edington
Get to know Kyle EdingtonGet to know Kyle Edington
Get to know Kyle EdingtonKyleCEdington
 

Viewers also liked (20)

Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015
 
Strategia web demo
Strategia web demoStrategia web demo
Strategia web demo
 
Clipping 1 Alpen Park 2009
Clipping 1 Alpen Park 2009Clipping 1 Alpen Park 2009
Clipping 1 Alpen Park 2009
 
The Silver Fern Report - July 2010
The Silver Fern Report - July 2010The Silver Fern Report - July 2010
The Silver Fern Report - July 2010
 
2011 エデルマントラストバロメーター
2011 エデルマントラストバロメーター2011 エデルマントラストバロメーター
2011 エデルマントラストバロメーター
 
Jeudis du libre scrum
Jeudis du libre scrumJeudis du libre scrum
Jeudis du libre scrum
 
General orientation Winter 2015
General orientation Winter 2015General orientation Winter 2015
General orientation Winter 2015
 
Famtour Vinícola Garibaldi 2008 e 2009
Famtour Vinícola Garibaldi 2008 e 2009Famtour Vinícola Garibaldi 2008 e 2009
Famtour Vinícola Garibaldi 2008 e 2009
 
Excel lesson 1
Excel lesson 1Excel lesson 1
Excel lesson 1
 
Olivia Paige Hall Powerpoint
Olivia Paige Hall PowerpointOlivia Paige Hall Powerpoint
Olivia Paige Hall Powerpoint
 
2011 エデルマン・ヘルスバロメーター
2011 エデルマン・ヘルスバロメーター2011 エデルマン・ヘルスバロメーター
2011 エデルマン・ヘルスバロメーター
 
Evaluation Question 2 Joe
Evaluation Question 2 JoeEvaluation Question 2 Joe
Evaluation Question 2 Joe
 
GTD - fem enkla steg för att underlätta din digitala vardag med Workingoodway...
GTD - fem enkla steg för att underlätta din digitala vardag med Workingoodway...GTD - fem enkla steg för att underlätta din digitala vardag med Workingoodway...
GTD - fem enkla steg för att underlätta din digitala vardag med Workingoodway...
 
2012 Edelman Trust Barometer
2012 Edelman Trust Barometer2012 Edelman Trust Barometer
2012 Edelman Trust Barometer
 
Presentatie social media: Kansen voor Horecaondernemers. De Lier, 6 juni 2011
Presentatie social media: Kansen voor Horecaondernemers. De Lier, 6 juni 2011Presentatie social media: Kansen voor Horecaondernemers. De Lier, 6 juni 2011
Presentatie social media: Kansen voor Horecaondernemers. De Lier, 6 juni 2011
 
brandshare Japan 2014
brandshare Japan 2014brandshare Japan 2014
brandshare Japan 2014
 
The Silver Fern Report - June 2010
The Silver Fern Report - June 2010The Silver Fern Report - June 2010
The Silver Fern Report - June 2010
 
The waves
The wavesThe waves
The waves
 
Get to know Kyle Edington
Get to know Kyle EdingtonGet to know Kyle Edington
Get to know Kyle Edington
 
Barnabas songs
Barnabas songsBarnabas songs
Barnabas songs
 

Similar to Edelman Privacy Risk Index

Edelman Privacy Risk Index Powered by Ponemon
Edelman Privacy Risk Index Powered by PonemonEdelman Privacy Risk Index Powered by Ponemon
Edelman Privacy Risk Index Powered by PonemonEdelman
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceNational Retail Federation
 
5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in ...
5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in ...5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in ...
5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in ...IDology, Inc
 
BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessJoel Cardella
 
Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?IBM Security
 
ERM: DIFFERENCES BETWEEN SECTORS
ERM: DIFFERENCES BETWEEN SECTORSERM: DIFFERENCES BETWEEN SECTORS
ERM: DIFFERENCES BETWEEN SECTORSMichel Rochette
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsElizabeth Dimit
 
Riskpro Business Risk Management
Riskpro Business Risk ManagementRiskpro Business Risk Management
Riskpro Business Risk ManagementManoj Jain
 
Stop occupational fraud - Three simple steps to help stop fraud
Stop occupational fraud - Three simple steps to help stop fraudStop occupational fraud - Three simple steps to help stop fraud
Stop occupational fraud - Three simple steps to help stop fraudWynyard Group
 
Mitigating Data Security Risks at Broker Dealers
Mitigating Data Security Risks at Broker DealersMitigating Data Security Risks at Broker Dealers
Mitigating Data Security Risks at Broker DealersBroadridge
 
NQA - Information security best practice guide
NQA - Information security best practice guideNQA - Information security best practice guide
NQA - Information security best practice guideNA Putra
 
Prepare For Breaches Like a Pro
Prepare For Breaches Like a ProPrepare For Breaches Like a Pro
Prepare For Breaches Like a ProResilient Systems
 

Similar to Edelman Privacy Risk Index (20)

Edelman Privacy Risk Index Powered by Ponemon
Edelman Privacy Risk Index Powered by PonemonEdelman Privacy Risk Index Powered by Ponemon
Edelman Privacy Risk Index Powered by Ponemon
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business Experience
 
Riskpro information risk management 2013
Riskpro information risk management 2013Riskpro information risk management 2013
Riskpro information risk management 2013
 
5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in ...
5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in ...5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in ...
5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in ...
 
BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing business
 
Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?
 
ERM: DIFFERENCES BETWEEN SECTORS
ERM: DIFFERENCES BETWEEN SECTORSERM: DIFFERENCES BETWEEN SECTORS
ERM: DIFFERENCES BETWEEN SECTORS
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
 
Riskpro Business Risk Management
Riskpro Business Risk ManagementRiskpro Business Risk Management
Riskpro Business Risk Management
 
Stop occupational fraud - Three simple steps to help stop fraud
Stop occupational fraud - Three simple steps to help stop fraudStop occupational fraud - Three simple steps to help stop fraud
Stop occupational fraud - Three simple steps to help stop fraud
 
Mitigating Data Security Risks at Broker Dealers
Mitigating Data Security Risks at Broker DealersMitigating Data Security Risks at Broker Dealers
Mitigating Data Security Risks at Broker Dealers
 
NQA - Information security best practice guide
NQA - Information security best practice guideNQA - Information security best practice guide
NQA - Information security best practice guide
 
Prepare For Breaches Like a Pro
Prepare For Breaches Like a ProPrepare For Breaches Like a Pro
Prepare For Breaches Like a Pro
 
Data Breach Response Guide (Whitepaper))
Data Breach Response Guide (Whitepaper))Data Breach Response Guide (Whitepaper))
Data Breach Response Guide (Whitepaper))
 
Data Breach Response Guide for Credit Unions
Data Breach Response Guide for Credit UnionsData Breach Response Guide for Credit Unions
Data Breach Response Guide for Credit Unions
 
Risky Business
Risky BusinessRisky Business
Risky Business
 
The role_of_stakeholder_trust
The role_of_stakeholder_trust The role_of_stakeholder_trust
The role_of_stakeholder_trust
 
THE ROLE OF STAKEHOLDER
THE ROLE OF STAKEHOLDERTHE ROLE OF STAKEHOLDER
THE ROLE OF STAKEHOLDER
 
The role_of_stakeholder_trust
The role_of_stakeholder_trust The role_of_stakeholder_trust
The role_of_stakeholder_trust
 
ERON & AIG
ERON & AIGERON & AIG
ERON & AIG
 

More from Edelman Japan

2021 エデルマン・トラストバロメーター スペシャルレポート:「ビリーフ・ドリブン」な従業員
2021 エデルマン・トラストバロメーター スペシャルレポート:「ビリーフ・ドリブン」な従業員2021 エデルマン・トラストバロメーター スペシャルレポート:「ビリーフ・ドリブン」な従業員
2021 エデルマン・トラストバロメーター スペシャルレポート:「ビリーフ・ドリブン」な従業員Edelman Japan
 
2021 Edelman Trust Barometer Special Report: The Belief-Driven Employee - Japan
2021 Edelman Trust Barometer Special Report: The Belief-Driven Employee - Japan2021 Edelman Trust Barometer Special Report: The Belief-Driven Employee - Japan
2021 Edelman Trust Barometer Special Report: The Belief-Driven Employee - JapanEdelman Japan
 
2021 エデルマン・トラストバロメーター 中間レポート(5月版):トラウマを抱えた世界
2021 エデルマン・トラストバロメーター 中間レポート(5月版):トラウマを抱えた世界2021 エデルマン・トラストバロメーター 中間レポート(5月版):トラウマを抱えた世界
2021 エデルマン・トラストバロメーター 中間レポート(5月版):トラウマを抱えた世界Edelman Japan
 
2021 Edelman Trust Barometer Spring Update: A World in Trauma - Japan
2021 Edelman Trust Barometer Spring Update: A World in Trauma - Japan2021 Edelman Trust Barometer Spring Update: A World in Trauma - Japan
2021 Edelman Trust Barometer Spring Update: A World in Trauma - JapanEdelman Japan
 
2021 エデルマン・トラストバロメーター
2021 エデルマン・トラストバロメーター2021 エデルマン・トラストバロメーター
2021 エデルマン・トラストバロメーターEdelman Japan
 
2021 Edelman Trust Barometer - Japan
2021 Edelman Trust Barometer - Japan2021 Edelman Trust Barometer - Japan
2021 Edelman Trust Barometer - JapanEdelman Japan
 
2020 エデルマン・トラストバロメーター 中間レポート(5月版):信頼とCOVID-19パンデミック
2020 エデルマン・トラストバロメーター 中間レポート(5月版):信頼とCOVID-19パンデミック2020 エデルマン・トラストバロメーター 中間レポート(5月版):信頼とCOVID-19パンデミック
2020 エデルマン・トラストバロメーター 中間レポート(5月版):信頼とCOVID-19パンデミックEdelman Japan
 
2020 Edelman Trust Barometer Spring Update: Trust and the COVID-19 Pandemic -...
2020 Edelman Trust Barometer Spring Update: Trust and the COVID-19 Pandemic -...2020 Edelman Trust Barometer Spring Update: Trust and the COVID-19 Pandemic -...
2020 Edelman Trust Barometer Spring Update: Trust and the COVID-19 Pandemic -...Edelman Japan
 
2020 エデルマン・トラストバロメーター スペシャルレポート:ブランドの信頼と新型コロナウイルス・パンデミック
2020 エデルマン・トラストバロメーター スペシャルレポート:ブランドの信頼と新型コロナウイルス・パンデミック2020 エデルマン・トラストバロメーター スペシャルレポート:ブランドの信頼と新型コロナウイルス・パンデミック
2020 エデルマン・トラストバロメーター スペシャルレポート:ブランドの信頼と新型コロナウイルス・パンデミックEdelman Japan
 
2020 Edelman Trust Barometer Special Report: Brand Trust and the Coronavirus ...
2020 Edelman Trust Barometer Special Report: Brand Trust and the Coronavirus ...2020 Edelman Trust Barometer Special Report: Brand Trust and the Coronavirus ...
2020 Edelman Trust Barometer Special Report: Brand Trust and the Coronavirus ...Edelman Japan
 
2020 エデルマン・トラストバロメーター スペシャルレポート:信頼とコロナウイルス
2020 エデルマン・トラストバロメーター スペシャルレポート:信頼とコロナウイルス2020 エデルマン・トラストバロメーター スペシャルレポート:信頼とコロナウイルス
2020 エデルマン・トラストバロメーター スペシャルレポート:信頼とコロナウイルスEdelman Japan
 
2020 Edelman Trust Barometer Special Report: Trust and the Coronavirus - Japan
2020 Edelman Trust Barometer Special Report: Trust and the Coronavirus - Japan2020 Edelman Trust Barometer Special Report: Trust and the Coronavirus - Japan
2020 Edelman Trust Barometer Special Report: Trust and the Coronavirus - JapanEdelman Japan
 
2020 Edelman Trust Barometer - Japan (Full Version)
2020 Edelman Trust Barometer - Japan (Full Version)2020 Edelman Trust Barometer - Japan (Full Version)
2020 Edelman Trust Barometer - Japan (Full Version)Edelman Japan
 
2020 エデルマン・トラストバロメーター(フルバージョン)
2020 エデルマン・トラストバロメーター(フルバージョン)2020 エデルマン・トラストバロメーター(フルバージョン)
2020 エデルマン・トラストバロメーター(フルバージョン)Edelman Japan
 
2020 Edelman Trust Barometer - Japan
2020 Edelman Trust Barometer - Japan2020 Edelman Trust Barometer - Japan
2020 Edelman Trust Barometer - JapanEdelman Japan
 
2020 エデルマン・トラストバロメーター
2020 エデルマン・トラストバロメーター2020 エデルマン・トラストバロメーター
2020 エデルマン・トラストバロメーターEdelman Japan
 
2019 Edelman Trust Barometer Special Report: In Brands We Trust? - Japan
2019 Edelman Trust Barometer Special Report: In Brands We Trust? - Japan2019 Edelman Trust Barometer Special Report: In Brands We Trust? - Japan
2019 Edelman Trust Barometer Special Report: In Brands We Trust? - JapanEdelman Japan
 
2019 エデルマン・トラストバロメーター スペシャルレポート:ブランドは信頼に値するのか
2019 エデルマン・トラストバロメーター スペシャルレポート:ブランドは信頼に値するのか2019 エデルマン・トラストバロメーター スペシャルレポート:ブランドは信頼に値するのか
2019 エデルマン・トラストバロメーター スペシャルレポート:ブランドは信頼に値するのかEdelman Japan
 
2019 エデルマン・トラストバロメーター
2019 エデルマン・トラストバロメーター2019 エデルマン・トラストバロメーター
2019 エデルマン・トラストバロメーターEdelman Japan
 
2019 Edelman Trust Barometer - Japan
2019 Edelman Trust Barometer - Japan2019 Edelman Trust Barometer - Japan
2019 Edelman Trust Barometer - JapanEdelman Japan
 

More from Edelman Japan (20)

2021 エデルマン・トラストバロメーター スペシャルレポート:「ビリーフ・ドリブン」な従業員
2021 エデルマン・トラストバロメーター スペシャルレポート:「ビリーフ・ドリブン」な従業員2021 エデルマン・トラストバロメーター スペシャルレポート:「ビリーフ・ドリブン」な従業員
2021 エデルマン・トラストバロメーター スペシャルレポート:「ビリーフ・ドリブン」な従業員
 
2021 Edelman Trust Barometer Special Report: The Belief-Driven Employee - Japan
2021 Edelman Trust Barometer Special Report: The Belief-Driven Employee - Japan2021 Edelman Trust Barometer Special Report: The Belief-Driven Employee - Japan
2021 Edelman Trust Barometer Special Report: The Belief-Driven Employee - Japan
 
2021 エデルマン・トラストバロメーター 中間レポート(5月版):トラウマを抱えた世界
2021 エデルマン・トラストバロメーター 中間レポート(5月版):トラウマを抱えた世界2021 エデルマン・トラストバロメーター 中間レポート(5月版):トラウマを抱えた世界
2021 エデルマン・トラストバロメーター 中間レポート(5月版):トラウマを抱えた世界
 
2021 Edelman Trust Barometer Spring Update: A World in Trauma - Japan
2021 Edelman Trust Barometer Spring Update: A World in Trauma - Japan2021 Edelman Trust Barometer Spring Update: A World in Trauma - Japan
2021 Edelman Trust Barometer Spring Update: A World in Trauma - Japan
 
2021 エデルマン・トラストバロメーター
2021 エデルマン・トラストバロメーター2021 エデルマン・トラストバロメーター
2021 エデルマン・トラストバロメーター
 
2021 Edelman Trust Barometer - Japan
2021 Edelman Trust Barometer - Japan2021 Edelman Trust Barometer - Japan
2021 Edelman Trust Barometer - Japan
 
2020 エデルマン・トラストバロメーター 中間レポート(5月版):信頼とCOVID-19パンデミック
2020 エデルマン・トラストバロメーター 中間レポート(5月版):信頼とCOVID-19パンデミック2020 エデルマン・トラストバロメーター 中間レポート(5月版):信頼とCOVID-19パンデミック
2020 エデルマン・トラストバロメーター 中間レポート(5月版):信頼とCOVID-19パンデミック
 
2020 Edelman Trust Barometer Spring Update: Trust and the COVID-19 Pandemic -...
2020 Edelman Trust Barometer Spring Update: Trust and the COVID-19 Pandemic -...2020 Edelman Trust Barometer Spring Update: Trust and the COVID-19 Pandemic -...
2020 Edelman Trust Barometer Spring Update: Trust and the COVID-19 Pandemic -...
 
2020 エデルマン・トラストバロメーター スペシャルレポート:ブランドの信頼と新型コロナウイルス・パンデミック
2020 エデルマン・トラストバロメーター スペシャルレポート:ブランドの信頼と新型コロナウイルス・パンデミック2020 エデルマン・トラストバロメーター スペシャルレポート:ブランドの信頼と新型コロナウイルス・パンデミック
2020 エデルマン・トラストバロメーター スペシャルレポート:ブランドの信頼と新型コロナウイルス・パンデミック
 
2020 Edelman Trust Barometer Special Report: Brand Trust and the Coronavirus ...
2020 Edelman Trust Barometer Special Report: Brand Trust and the Coronavirus ...2020 Edelman Trust Barometer Special Report: Brand Trust and the Coronavirus ...
2020 Edelman Trust Barometer Special Report: Brand Trust and the Coronavirus ...
 
2020 エデルマン・トラストバロメーター スペシャルレポート:信頼とコロナウイルス
2020 エデルマン・トラストバロメーター スペシャルレポート:信頼とコロナウイルス2020 エデルマン・トラストバロメーター スペシャルレポート:信頼とコロナウイルス
2020 エデルマン・トラストバロメーター スペシャルレポート:信頼とコロナウイルス
 
2020 Edelman Trust Barometer Special Report: Trust and the Coronavirus - Japan
2020 Edelman Trust Barometer Special Report: Trust and the Coronavirus - Japan2020 Edelman Trust Barometer Special Report: Trust and the Coronavirus - Japan
2020 Edelman Trust Barometer Special Report: Trust and the Coronavirus - Japan
 
2020 Edelman Trust Barometer - Japan (Full Version)
2020 Edelman Trust Barometer - Japan (Full Version)2020 Edelman Trust Barometer - Japan (Full Version)
2020 Edelman Trust Barometer - Japan (Full Version)
 
2020 エデルマン・トラストバロメーター(フルバージョン)
2020 エデルマン・トラストバロメーター(フルバージョン)2020 エデルマン・トラストバロメーター(フルバージョン)
2020 エデルマン・トラストバロメーター(フルバージョン)
 
2020 Edelman Trust Barometer - Japan
2020 Edelman Trust Barometer - Japan2020 Edelman Trust Barometer - Japan
2020 Edelman Trust Barometer - Japan
 
2020 エデルマン・トラストバロメーター
2020 エデルマン・トラストバロメーター2020 エデルマン・トラストバロメーター
2020 エデルマン・トラストバロメーター
 
2019 Edelman Trust Barometer Special Report: In Brands We Trust? - Japan
2019 Edelman Trust Barometer Special Report: In Brands We Trust? - Japan2019 Edelman Trust Barometer Special Report: In Brands We Trust? - Japan
2019 Edelman Trust Barometer Special Report: In Brands We Trust? - Japan
 
2019 エデルマン・トラストバロメーター スペシャルレポート:ブランドは信頼に値するのか
2019 エデルマン・トラストバロメーター スペシャルレポート:ブランドは信頼に値するのか2019 エデルマン・トラストバロメーター スペシャルレポート:ブランドは信頼に値するのか
2019 エデルマン・トラストバロメーター スペシャルレポート:ブランドは信頼に値するのか
 
2019 エデルマン・トラストバロメーター
2019 エデルマン・トラストバロメーター2019 エデルマン・トラストバロメーター
2019 エデルマン・トラストバロメーター
 
2019 Edelman Trust Barometer - Japan
2019 Edelman Trust Barometer - Japan2019 Edelman Trust Barometer - Japan
2019 Edelman Trust Barometer - Japan
 

Edelman Privacy Risk Index

  • 1. EDELMAN PRIVACY RISK INDEX POWERED BY PONEMON Edelman GCRM Program | 1
  • 2. BUSINESS LEFT VULNERABLE TO PRIVACY RISK Privacy risks can have a substantial impact on business operations and corporate reputation. Edelman’s privacy research shows, for the Companies face increasing regulation and first time, the main drivers of privacy risk. potential fines for the misuse and loss of The survey reveals: sensitive information. If the regulatory pressure wasn’t enough, not a week goes by without a Privacy risks are at an all time high, presenting company or an entire industry in the news for an a significant challenge for businesses. alleged privacy violation causing significant harm to corporate reputation. Businesses are struggling to manage the privacy practices that most contribute to risk. Managing data security and privacy effectively is essential to businesses today. The growing Operating globally and in financial services volume and sensitivity of information being and health industries significantly contributes shared, stored and used is driving demand for to risk. greater transparency about how it is being managed and protected.
  • 3. PRIVACY RISK AT AN ALL TIME HIGH Edelman GCRM Program | 3
  • 4. THE CONSEQUENCES OF PRIVACY RISK The costs are high. Businesses are losing customers and money, reputations suffer. As a result, the license to operate hangs in the balance. CUSTOMERS CORPORATE REPUTATION MONEY BUSINESS DISRUPTION Edelman GCRM Program | 4
  • 5. DRIVERS OF PRIVACY RISK AND LIABILITY CONSUMER CONCERN REGULATORY ENFORCEMENT Three quarters of consumers will stop using an online FTC levels $22.5 million for privacy violation shop if information was accessed without permission New proposed EU legislation may include fines up to 2% of annual turnover Less than half of consumers trust healthcare organizations to protect info Edelman DSP Group Study LITIGATION MEDIA SCRUTINY Average settlement $2,500 per plaintiff, and mean attorneys’ fees of $1.2 million Temple University Beasley School of Law Edelman GCRM Program | 5
  • 6.
  • 7. INTRODUCING THE EDELMAN PRIVACY RISK INDEX The Edelman Privacy Risk Index (ePRI) is a global benchmarking study and tool that measures the top drivers of privacy risk for businesses. The ePRI explores how companies are managing privacy risk caused by business practices and operations. • Based on analysis of research from the Ponemon Institute over the last three years • Analysis of 6,400 individual responses by risk managers, privacy professionals and IT Pros • 29 countries included in benchmarking and tools • The research serves as the baseline for an online tool that allows companies to access their privacy risk against the benchmark • Indented to be directional NOT diagnostic
  • 8. ELEMENTS OF PRIVACY RISK The Edelman Privacy Risk Index reveals a lack of preparedness in managing the potential financial and reputational damage relating to the loss or misuse of personal information. Our survey found companies face significant risk due to its business profiles and failing to implement strong privacy practices. BUSINESS PRIVACY PROFILE: PRACTICES: WHAT DEFINES HOW YOU Overall YOUR BUSINESS OPERATE RISK
  • 10. BUSINESS PROFILE Companies must understand how their business profile contributes to their privacy risk. Those operating in high risk environments are particularly vulnerable to incidents if they don’t properly manage privacy practices. Industry Headcount/ Geography Size RISK Info Collected/ Managed Footprint
  • 11. BUSINESS PROFILE RISK AT A GLANCE Geography Footprint Industry Headcount/ Info Collected Size HIGHEST RISK HIGHEST RISK HIGHEST RISK HIGHEST RISK HIGHEST RISK • Belgium • Global and Super • Financial • Small- and • Sensitive • Italy Regional Services Medium-sized Customer • Spain • Health/Pharma Businesses Information • Communications LOWEST RISK LOWEST RISK LOWEST RISK LOWER RISK LOWER RISK • China • Local • Industrial • Enterprise • Only Employee • India Automotive • Brazil • Manufacturing See appendix for full findings
  • 12. COMPANIES HAVE DIFFERENT STARTING RISKS Companies in different industries, markets and sizes have different starting points for operational risk. It’s essential that businesses understand where they stand and take action if they are at high risk. Company w/ Low Company w/ High Operational Risk Operational Risk VS. Brazil Italy Manufacturing Health Local Global Large enterprise SMB Collects employee info Collects health and sensitive customer information
  • 14. PRACTICES THAT DETERMINE RISK The ePRI identified three pillars and twelve practices that are key indicators of businesses’ ability to mitigate risk of a data breach, privacy lawsuit or regulatory action. • My organization is transparent about what it does with employee and customer information. My organization is quick to respond to privacy complaints or questions from customers and regulators. Communications • My organization makes a substantial effort to educate employees about privacy and data security. & Engagement • Employees in my organization understand the importance of privacy and how to protect personal and/or sensitive information. • My organization considers privacy and the protection of personal information a corporate priority. • A high-level executive leads my organization's privacy program and is empowered to make decisions. • My organization understands global privacy cultural differences. Business • My organization strictly enforces all levels of non-compliance with laws and regulations. Operations • My organization believes a data breach would adversely affect our reputation and financial position. • My organization has ample resources to protect employee and customer information. • My organization is able to prevent and quickly detect the theft or misuse of personal information. Data Protection • My organization has the expertise and technology to protect personal information.
  • 15. BUSINESSES FALLING SHORT Fewer than half of those surveyed agreed they effectively manage risk, leaving them highly susceptible (or exposed) to a privacy incident. They are failing to: • Make privacy a priority and devote resources • Engage their employees • Embrace transparency • Manage regulatory concerns
  • 16. COMPANIES LACK RESOURCES AND EXPERTISE • My organization has the expertise and technology to protect personal information. Strongly Disagree Strongly Disagree 12% Strongly Agree 14% Strongly Agree 16% 15% COMPANIES AT RISK Disagree Agree Disagree 25% Agree 17% 26% 23% 67% 62% Don't Know Don't Know 30% 22% • My organization has ample resources to protect employee and customer information. Strongly Disagree Strongly Disagree 3% 11% Strongly Agree Strongly Agree COMPANIES AT RISK Disagree 16% 22% 20% Disagree 21% Agree Agree 59% 19% 29% Don't Know Don't Know 55% 36% 23%
  • 17. COMPANIES FAIL TO PRIORITIZE • My organization considers privacy and the protection of personal information a corporate priority. Strongly Disagree Strongly Disagree 7% Strongly Agree 14% Strongly Agree 15% 15% COMPANIES AT RISK Disagree 20% Disagree 14% Agree 21% Agree 25% 64% 59% Don't Know Don't Know 37% 31% • My organization believes a data breach would adversely affect our reputation and financial position. Strongly Disagree Strongly Disagree 6% Strongly Agree 10% Strongly Agree Disagree 18% COMPANIES AT RISK 19% 14% Disagree 17% Agree Agree 56% 25% 31% Don't Know Don't Know 51% 36% 24%
  • 18. COMPANIES FAIL TO ENGAGE EMPLOYEES Privacy incidents often originate when employees improperly use or accidently expose information. The ePRI found a majority of companies fail to address the potential risk presented by poor employee education. • Employees in my organization understand the importance of privacy and how to protect personal and/or sensitive information. Strongly Disagree Strongly Disagree 6% Strongly Agree 17% Strongly Agree 16% 15% COMPANIES AT RISK Disagree 23% Agree Disagree Agree 20% 24% 25% 64% 60% Don't Know Don't Know 35% 20% • My organization makes a substantial effort to educate employees about privacy and data security. Strongly Disagree Strongly Disagree 10% Strongly Agree 17% Strongly Agree 15% 14% COMPANIES AT RISK Disagree Agree 25% Agree 16% Disagree 21% 69% 24% 65% Don't Know Don't Know 35% 23%
  • 19. COMPANIES ARE NOT TRANSPARENT OR RESPONSIVE Despite new laws around the world calling for greater notice and consent before collecting consumer information and increased media scrutiny, companies struggle to be transparent and respond to complaints. • My organization is transparent about what it does with employee and customer information. Strongly Disagree Strongly Disagree 5% Strongly Agree 6% Strongly Agree 18% 16% COMPANIES AT RISK Disagree Disagree 24% 30% Agree Agree 60% 22% 28% Don't Know 56% Don't Know 26% 25% My organization is quick to respond to privacy complaints or questions from customers and regulators. Strongly Disagree Strongly Disagree 11% Strongly Agree 11% Strongly Agree 15% COMPANIES AT RISK 18% Disagree 23% Agree Disagree 19% 29% Agree 65% 21% 61% Don't Know Don't Know 31% 21%
  • 20. COMPANIES ARE LAX ON REGULATORY COMPLIANCE Many companies struggle to comply with increasingly evolving regulatory requirements around the globe. • My organization strictly enforces all levels of non-compliance with laws and regulations. Strongly Disagree Strongly Disagree 13% Strongly Agree 16% Strongly Agree 18% 17% COMPANIES AT RISK Disagree 20% Agree Disagree Agree 17% 23% 23% 65% Don't Know Don't Know 61% 31% 22% • My organization understands global privacy cultural differences. Strongly Disagree Strongly Disagree 5% Strongly Agree 16% Strongly Agree 16% 14% COMPANIES AT RISK Disagree 29% Agree Disagree Agree 18% 24% 25% 66% 61% Don't Know Don't Know 32% 22%
  • 22. WHERE TO START 1 UNDERSTAND: Use the ePRI tool to better understand your company’s privacy risk. Share results with key stakeholders in legal, communications and technology to get consensus of risk. 2 PRIORITIZE: Armed with understanding, an enterprise now has a powerful directional lens to evaluate its privacy program. Smart organizations will prioritize the weakest elements of their privacy DNA (under- performing practices) with consideration for their potential impact on enterprise effectiveness. 3 ACTIVATE: Work cross-company on programs to improve at-risk privacy practices. Consider how communications, legal/risk and technology leaders can collaborate on solutions.
  • 23. UNDERSTAND YOUR RISK: ePRI TOOL Leverage the ePRI Tool to better understand your risk and how your practices relate to the benchmark.
  • 24. PRIORITZE: RISKY PRACTICES My organization considers privacy and the protection of personal information a corporate priority. Priority #1 Determine and explore deficient My organization has the expertise and technology to protect personal information privacy practices Priority #2 most contributing to corporate risk My organization is transparent about what it does with employee and customer information. My organization is quick to respond to consumers’ and regulators’ privacy complaints Priority #3
  • 25. ACTIVATE CROSS-ORGANIZATION PRIVACY TEAM BUSINESS: Proper collection, use and storage of information. Embrace Privacy by Design Invest in privacy LEGAL/GOV AFFAIRS: Compliance with local laws practices and in all the geographies of operation programing to improve INFORMATION TECHNOLOGY: Technology systems to prevent and recover from a data incident performance COMMUNICATIONS: Employee engagement, stakeholder engagement, data breach communications
  • 26. FIRST STEP: CONVENE PRIVACY WORKSHOP WITH EDELMAN OUTCOMES Customized Edelman and our Privacy Risk Privacy partners can meet with Snapshot Program you to help explore and Roadmaps prioritize areas of privacy risk Internal Privacy Integration Playbooks
  • 27. EDELMAN SERVICES EDELMAN AND OUR PRIVACY PARTNERS CAN HELP WITH SYSTEMS INTEGRATION COMMUNICATIONS AUDIT POLICY/LEGAL Security and privacy Reputation and Policy analysis and message development communications audit navigation Internal communications Privacy risk assessment Active regulatory and and employee engagement policymaker engagement Communications team integration Litigation communications Influencer and competitive mapping Customer and market Influence policy outcomes research Privacy and security Coalition building and response management Crisis protocols grassroots support Data breach training and simulations Thought leadership and executive positioning
  • 28. CONTACT WEB: Datasecurity.edelman.com Edelman.com/expertise/practices/data security & privacy TWITTER: @EdelmanDSP CONTACT: Tomoko Akizawa, Director, Technology Practice, Edelman Japan Tomoko.Akizawa@edelman.com
  • 30. GAP IN CONSUMER TRUST Our survey, Privacy & Security: The New Drivers of Brand, Reputation and Action, shows a significant gap between the importance of privacy to consumers and the amount they trust companies to protect it. 92% Importance of privacy and security in each industry (global) 84% Trust in each industry to protect personal information (global) 78% 77% 69% 69% 63% 51% 50% 50% 48% 43% 37% 33% 27% 23% 12% 12% 11% 9% 6% Finance Online Medical & Government Social Technology News & Media Automotive Food & Gaming Utilities* Shopping & Healthcare Networking Grocery Retail Q7. How important is your privacy and security when doing business with the following industries? *NOTE: Utilities not included as a response code Q8. Which industry do you trust most to adequately protect your personal information? Please select the top three industries. Edelman GCRM Program | 30
  • 31. CONSUMERS ATTRITION DUE TO PRIVACY Consumers will leave services if personal information was accessed without permission. Costing negligent companies a significant in potential business. Consumers Likely to Switch Providers or Stop Using Services Entirely if Personal Information was Accessed Without Permission (Global) 80% 79% 77% 75% 75% 67% 67% 65% 63% 59% 55% 55% 54% 50% Base: All respondents (Global n=4,050) Q9. For the following types of companies, if your personal information was accessed without your permission, how likely would you be to switch to a different provider or stop using these services entirely, if they did have personal information on you? Please use a scale of 1-5, where 1 is “not at all likely” and 5 is “very likely.”
  • 32. REGULATORY ACTION IN UNITED STATES All Federal agencies with jurisdiction over privacy are significantly increasing enforcement and rhetoric about privacy violations by companies. Google pays $22.5 million to settle FTC charges it misrepresented privacy assurances. BlueCross BlueShield of Tennessee (BCBST) fined $1.5 million for 2009 data breach. SEC requires publicly traded companies to disclose data breaches citing the issue is a substantial business risk.
  • 33. A NEW REGIME IN THE EU EU institutions are currently discussing far-ranging proposals to modify and substantially overhaul the Union’s patchwork of 27 data protection regimes to create a new, single Europe-wide regime. If approved in the current format, the new regime would radically change the obligations of data controllers, strengthen competences of Data Protection Authorities (DPAs) and increase the rights of individuals. The current regulation draft foresees fines for non-compliance of up to 2% of annual turnover. The impact of this would be global.
  • 34. ASIA NOT FAR BEHIND Many countries in Asia are creating new privacy laws similar to those in place in Europe and United States, imposing fines for data breaches and more stringent privacy standards. India: Passed Information Technology Rules (2011) Singapore: Personal Data Protection Act (2012) Hong Kong: Amended Personal Data Ordinance (2012) APEC Region: APEC Privacy Framework
  • 35. LITIGATION ON THE RISE “NebuAd Settles Lawsuit Over Behavioral “Lawsuit Claims Microsoft, McDonald’s, Targeting Test – MediaPost Mazda & CBS Used Ads as Cover for Data Mining” – Network World Average settlement $2,500 per plaintiff, and mean attorneys’ fees of $1.2 million – Temple University Beasley School of Law “Facebook sued for $15 billion over alleged privacy infractions” – CNET
  • 36. CRITICAL MEDIA Companies face an increasingly critical and vocal media environment, creating a significant potential for reputational damage. GM's Boneheaded Security Tops Privacy Mistake With Boardroom OnStar Agendas Facebook Complies with EU Data Protection Law, Apple moves to quell Dumps Facial Path privacy gaffe Recognition Privacy Concerns Affect Purchase Questions for Amazon on Decisions Privacy and the Kindle Fire
  • 38. BY GEOGRAPHY The ePRI found operating in Europe presents the most privacy risk, likely due recent policy developments and a significant cultural expectation of privacy. 50.9 58.7 NORTH EUROPE AMERICA 41.1 MIDDLE EAST 42.7 ASIA- PACIFIC 40.2 LATIN AMERICA
  • 39. RISK IN SPECIFIC MARKETS There are significant differences between the most and least risky countries. The eleven countries with the highest privacy risk are located in the European Union with many developing nations presenting lower risk. Belgium 68.6 Italy 65.2 Netherlands 64.1 Spain 62.5 France 59.2 Germany 59.1 Sweden 58.7 Poland 56.5 Denmark 56.3 Norway 55.0 Ireland 54.8 New Zealand 54.7 Australia 54.2 Canada 53.8 Argentina 53.3 United Kingdom 53.0 Russian Federation 50.4 Hong Kong 50.0 United States 48.1 Japan 43.2 Israel 42.2 United Arab Emirates 41.2 Saudi Arabia 39.7 Singapore 38.7 Mexico 37.9 Korea 37.2 China (PRC) 32.0 India 31.3 Brazil 29.3 - 10.0 20.0 30.0 40.0 50.0 60.0 70.0 80.0
  • 40. CORPORATE FOOTPRINT INTRODUCES RISK Adding significant complexity to geographic concerns is the risk presented by operating in multiple markets. Local 80.0 The company primarily operates in one country 70.0 66.8 58.3 Regional 60.0 The company operates in two or more countries primarily 50.0 in one region 39.0 40.0 36.0 Super regional 30.0 The company operates in multiple countries in two or 20.0 more regions 10.0 Global - The company operates in all regions around the world Local Regional Super regional Global
  • 41. INDUSTRY BENCHMARK DRIVEN BY DATA Industries that collect the most sensitive information about customers present the most significant privacy risk. There is a significant drop off in privacy risk for organizations that don’t collect significant amounts of information online. Financial services 79.3 Health & pharma 78.3 Communications 66.0 Airlines 62.8 Professional services 61.0 Public sector 58.8 Education & research 56.5 Transportation 56.3 Hospitality 55.0 Energy & utilities 55.0 Technology & software 53.8 Retail (Internet) 52.0 Retail (conventional) 44.5 Consumer products 44.3 Services 39.5 Entertainment & media 32.8 Agriculture 32.3 Industrial 27.5 Automotive 24.0 Manufacturing 20.8 - 10.0 20.0 30.0 40.0 50.0 60.0 70.0 80.0 90.0
  • 42. BY COMPANY SIZE Smaller organizations have substantially higher privacy risk than larger organizations. This can potentially be explained by larger organizations typically having more resources to devote to managing privacy risk. However, large organizations still face risks, often due to having a significant amounts of information and increased regulatory attention. 501 to 1,000 59.5 Less than 500 57.5 1.001 to 5,000 50.3 5,001 to 10,000 46.5 More than 75,000 45.8 25,001 to 75,000 45.8 10,001 to 25,000 44.8 - 10.0 20.0 30.0 40.0 50.0 60.0 70.0
  • 43. BY INFORMATION COLLECTED The volume and sensitivity of data collected significantly influences privacy risk. Types of personal information stored:  Customer with PII  Customer without PII  Employee  Consumer (targeted customer)  Citizen (government use)  Patient (health records)  Student  Shareholder/investor