• Skip to primary navigation
  • Skip to main content
site logo
  • About
    • Approach
    • Partnerships
    • Mission
    • Leadership
    • Awards
    • Arraya Cares
  • Solutions
    • Solutions

    • Hybrid Infrastructure
      • Hyperconverged
      • Infrastructure as a Service
      • Servers, Storage, and Virtualization
      • Data Protection
      • Disaster Recovery & Business Continuity
    • Apps & Data
      • AI
      • Automation
      • Customizations
      • Visualizations & Integrations
      • Migrations
    • Network
      • Enterprise Networks
      • Wireless Connectivity
      • Cloud Networking Solutions
      • IoT
    • Cybersecurity
      • Endpoint Security
      • Network Security
      • Cloud Security
      • Application Security
    • Modern Workplace
      • Microsoft Licensing
      • Productivity & Collaboration
      • Modern Endpoint Deployment & Management
      • Microsoft Compliance & Risk
      • Backup
      • Cloud
  • Services
    • Services

    • Managed Services
      • Service Desk
      • Outsourced IT
      • Managed Security
      • Managed NOC
      • Arraya Adaptive Management for Microsoft Technologies
      • ADEPT: Arraya's White Label Program
    • Advisory Services
      • Assessments
      • Strategy
      • vCTO
      • vCISO
      • Enterprise Architecture
    • Staffing
      • Infrastructure Engineering
      • Security & Compliance
      • Application & Software
    • Professional Services
      • Project Management 
      • Systems Integration 
      • Mergers & Acquisitions
      • Knowledge & Skills Transfer 
  • Industries
    • Education
    • Finance
    • Healthcare
    • Legal
    • Manufacturing
    • Software and Services
  • Insights
    • News
    • Blog
    • Events
    • Videos
    • Case studies
  • Careers
  • CSP Login
search icon
Contact Us

3 Unexpected Business Benefits of GDPR Compliance

Estimates vary as to how many organizations globally consider themselves compliant with the European Union’s General Data Protection Regulation (GDPR). One thing is for sure,Cisco GDPR compliance study organizations who have yet to cross that line have plenty of motivation to do so soon. Just last month, Google became the first major tech company dinged under GDPR. The CNIL, France’s independent data privacy regulatory body, hit Google with a roughly $57 million fine for failing to keep customers informed about how their data is used or provide sufficient clarity into the company’s data consent policies. When it comes to achieving GDPR compliance, however, the benefits go beyond avoiding fines.

In the first entry of its 2019 Cyber Security Series – entitled Maximizing the value of your data privacy investments – Cisco argued data privacy spend has paid off in numerous, and even unexpected, ways. These perks are not unique to GDPR compliance. They are a byproduct of investing in the people, processes and tools needed for smarter, more secure data stores.

Here are three of the more surprising ways in which organizations have benefited from their data privacy spend.

Benefit #1: Shorter sales cycles

Maybe it’s the steady march of high-profile data breaches, but customers appear to be honing in on security. In Cisco’s study, almost 9-in-10 (87%) participants reported experiencing sales delays stemming from customer data privacy concerns. In the 2017 version of the study, just 66% of organizations reported that same hesitation.

Here’s the thing, organizations able to demonstrate a higher degree of GDPR preparedness actually experienced shorter delays. Those currently ready for GDPR saw delays of 3.4 weeks. Among organizations roughly a year out from GDPR-readiness, delays went up to 4.5 weeks. For those more than a year away? Try an average of 5.4 weeks.

Product or service quality will always be important to the sales process. Still, it clearly doesn’t hurt to be able to quickly demonstrate a data privacy-centric mindset.

Benefit #2: Lower impact security incidents

As far as data breaches go, there was good news in 2018 and there was bad news. On the positive side of things, the total number of breaches decreased by 23% last year according to the Identity Theft Resource Center. Now for the bad news: Attackers managed to steal 447 million total consumer records in 2018, an increase of 126%. So, even though the bad guys won less, when they did, they won big.

Cisco’s research also looked at the impact of GDPR preparedness on incident severity. It found organizations that consider themselves GDPR-ready reported having an average of 79,000 records impacted by a data breach. Compare that to 100,000 for organizations less than a year out and 212,000 for companies more than a year away.

Furthermore, GDPR-ready companies suffered an average of 6.4 weeks of downtime due to incidents and just 37% of those organizations faced a loss of $500K or more. In both instances, those figures increase dramatically as GDPR-readiness decreases. Businesses more than a year away saw an average of 9.4 weeks of downtime and 64% faced a loss equal to or greater than $500K.

As Tom Clerici, our Cyber Security Practice Director, likes to point out, compliance and security don’t always travel hand-in-hand. That doesn’t mean they’re total strangers either. An increased awareness of – and willingness to invest in – security concerns can pay off.

Benefit #3: Fewer data breaches overall

There’s no such thing as a cyber security silver bullet. Even organizations that make all the right moves can have their efforts undone by a moment of human error. Organizations that have prioritized GDPR readiness have at least taken steps to reduce the likelihood of an incident, according to Cisco’s findings.

The organization’s researchers noted that the probability of a GDPR-compliant organization suffering a data breach sat at 74%. That’s not bad when compared to less-ready businesses. Companies less than a year out have an 80% probability of suffering a breach while those more than a year out have an 89% chance.

Given the harder-to-quantify risks of a data breach, such as a loss of customer confidence, any chance to reduce the likelihood of an attack seems worth looking into.

Next Steps: Achieving GDPR compliance and true data security

If your organization is still working toward GDPR compliance, or is unsure of how to get there, don’t worry, you’re not alone. Given the risks – fines for non-compliance with GDPR can go as high as 4% of annual global turnover or $20 million – the sooner you reach that goal, the better. Arraya has the tools and expertise needed to help your organization get in step with GDPR.

Our Cyber Security team can perform a comprehensive GDPR Preparedness Workshop. This two hour engagement will help determine if your company falls under its widening regulatory umbrella, identify regulatory shortfalls, and recommend improvements to boost not only compliance, but cyber security postures as a whole. Visit https://www.arrayasolutions.com//contact-us/ to schedule your session now or to connect with our Cyber Security team.

As always, feel free to leave us a comment on this or any of our blogs through social media. Arraya can be found on LinkedIn, Twitter, and Facebook. Remember to follow us to stay up to date on our industry insights and unique IT learning opportunities.

Arraya Insights
Back to Top
Arraya Solutions logo

We combine technological expertise and personal service to educate and empower our customers to solve their individual IT challenges.

518 Township Line Road
Suite 250, Blue Bell, PA 19422

p: (866) 229-6234     f: (610) 684-8655
e: info@arrayasolutions.com

  • Careers
  • Privacy Policy
  • Contact Us

© 2025 Arraya Solutions. All rights reserved.

Facebook Twitter YouTube LinkedIn
Manage Cookie Consent
We use cookies to enhance your experience. By selecting “Accept,” you agree to our cookie policy.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}