Cisco recently unveiled the results of its 2026 Data and Privacy Benchmark Study, showing a striking shift in how organizations approach data privacy and governance. As AI adoption accelerates, nearly all companies are expanding privacy programs and governance frameworks to protect their data and innovate at scale. The growing demand for high-quality data to power AI is exposing gaps in oversight, and raising the stakes for trust, security, and competitiveness. The bottom line: for organisations to succeed in the AI-era, scalable and responsible AI strategies must be built through a mature, integrated approach to privacy and data governance.
Cisco surveyed 5,200 IT, technology, and security professionals with data privacy responsibilities across 12 markets* worldwide. The study reveals AI as the primary catalyst, driving 90% of companies to report expanded privacy programs, with 93% planning further investment to keep up with the complexity of AI systems and expectations of customers and regulators. Notably, globally 38% of organisations surveyed spent at least $5 million on their privacy programs in the past year, up from 14% in 2024.
AI Raises the Bar for Privacy and Trust, But Governance Is Still Evolving
An overwhelming 95% of organisations report that robust privacy frameworks unlock AI agility and innovation, while an equal 95% recognize privacy is essential for building customer trust in AI-powered services.
This year’s report points to a deep structural shift, where trust is no longer established simply by meeting regulatory requirements. Data governance is now seen as a strategic business enabler with 100% of organizations surveyed in India reporting at least one tangible benefit from their privacy initiatives, such as enhanced agility, innovation, and greater customer loyalty. 46% say that clear communication about how data is collected and used is the most effective way to build customer confidence.
With this momentum, governance is evolving to meet the needs of this changing landscape. Many organisations are still working to define and establish the governance structures required to manage AI responsibly at scale. While nearly two-thirds of organisations in India report having a dedicated AI governance body in place, only 12% describe these structures as mature. And, as AI systems draw from increasingly complex and distributed datasets, 70% of organizations struggle to access relevant, high-quality data efficiently.
“AI is forcing a fundamental shift in the data landscape, calling for holistic governance of all data – both personal and non-personal,” said Jen Yokoyama, Senior Vice President, Legal Innovation and Strategy at Cisco. “Organizations must deeply understand and structure their data to ensure every automated decision is explainable. It’s not just for compliance, but a necessary scaling engine for AI innovation.”
AI Sparks Global Data Flow Challenges
While around 79% of respondents in India are generally positive about data privacy laws, there is a growing push to streamline and update data requirements.
The study found that 91% of organisations surveyed in India face heightened demand for data localization and global data complexity. 91% of organisations in India say data localization adds cost, complexity, and risk to cross-border service delivery. Further, 87% report these requirements limit their ability to offer seamless 24/7 service across markets.
Global companies increasingly prefer technology partners that match their footprint: 87% believe global‑scale providers are better at managing cross‑border data flows.
“To capture the potential of AI, organisations (87%) are advocating for a shift toward harmonized international standards” said Harvey Jang, Cisco Vice President and Chief Privacy Officer. “They recognize that global consistency is an economic necessity to ensure data can flow securely while maintaining the high standards of protection required for trust.”
Building Trust and Innovation in the AI Era
To successfully evolve from reactive compliance to a proactive approach, the data shows that companies should invest in robust data infrastructure, prioritizing transparency, and embedding security and privacy throughout AI initiatives. Organisations should make informed decisions about data localization, establish strong AI governance, and empower their teams with comprehensive training and safeguards. These concrete actions are crucial for building enduring trust, driving responsible innovation, and ultimately thriving in the dynamic, AI-driven digital economy.