Today’s savvy customers are paying more attention to the data privacy features of the products and services they buy. They want to know what data is captured, how it is used, where it is stored, how it is transferred, who has access to it, and when it is deleted. They’re also concerned about the risks of costly data breaches that have the potential to expose their personal information. It seems customers would benefit from a “Data Nutrition Label” on the products and services they buy, so they could be better informed about how their data is protected and how their privacy is respected.  In any event, we’re seeing increasing concerns for data and data privacy, as well as its potential impact on the sales cycle.

Today, in observance of Data Privacy Day, Cisco released a groundbreaking Privacy Maturity Benchmark Study on the impact of data privacy maturity on business. Drawing on survey responses from nearly 3,000 security professionals in 25 countries, we looked at the existence and length of any sales delays due to customer data privacy concerns such as what data is captured and how it is used. We also explored what we can learn from organizations that have the shortest delays.

We found that 65 percent of organizations currently experience such delays, with an average reported delay of 7.8 weeks, or almost two months.

Are sales delays really that bad?

Unfortunately, the short answer is yes. Delayed revenue can cause companies to miss quarterly or annual goals, and can hurt compensation, project funding, and stock prices. All too often, a delayed sale becomes a lost sale. Products and services have limited lifecycles, so sales delays near the end of a product’s life will be lost. And when delays occur, customers are more likely to opt for a competitor’s product or to decide not to buy at all. Worst of all is the potential for brand damage. If a customer believes a delay could have been avoided, they frequently form the lasting impression that a particular company isn’t worth doing business with.

The Good, the Bad, and the Ugly

Some businesses don’t deal extensively with Personally Identifiable Information (PII), and one-third of survey respondents reported little or no sales delays from privacy issues. For example, companies in the utilities, pharmaceutical, and manufacturing sectors deal less frequently with PII and have shorter sales delays. Another 57 percent of respondents saw delays of between one and 20 weeks. That leaves nine percent of companies who reported delays of more than 20 weeks, many of which were as long as a year or two. This most often occurs when a product or service does not meet the customer’s data privacy requirements and, if it is not redesigned, it becomes essentially “unsellable” with certain customers or geographies.

How should companies address sales delays?

Given the potential effects of these delays on sales and revenues, Cisco s advises the following steps:

  • Measure current delays: Assess the scope of sales delays due to data privacy issues and understand how much sales revenue might be affected by the delays.
  • Assess root causes: Portions of a delay might be caused by sales teams being unable to address customer concerns, incomplete or inaccessible corporate policies, or engineering/design issues. Executives need to know root causes to determine resolutions.
  • Establish ongoing metrics and targeted initiatives: Regularly measure and track the sales delay metric, and set priorities for appropriate investments to reduce the delays.
  • Explore effects on cyber losses: Assess the cause of any data breaches and losses that might have been avoided through more mature data privacy processes.
  • Develop a data privacy and protection plan: If such a plan does not currently exist, plan to create policies and protocols that contribute to good security hygiene.

In future blogs, I’ll discuss what we can learn from companies with both longer and shorter sales delays and which organizational models might be best suited to minimize delays.

More Information

Cisco 2018 Privacy Maturity Benchmark Study

Privacy Infographic

Privacy Podcast: Good Privacy is Good for Business



Robert Waitman

Director, Privacy Center of Excellence