Cyber skills gap affecting data privacy practice, finds ISACA

Thousands of technical privacy roles are going unfilled all over the world, leaving organisations dangerously exposed to breaches of compliance laws and cyber security incidents, according to an ISACA study marking the annual Data Privacy Day cyber supplier marketing opportunity.

The technology association’s latest Privacy in practice 2022 report draws together data gathered in a survey exercise undertaken towards the end of 2021. It found that 46% of organisations find themselves struggling to fill legal and compliance roles, and 55% technical privacy roles. Additionally, 41% reported that the biggest challenge in forming an organisational privacy plan was a lack of competent resources.

While it is important to note that just 25% actually had open legal and compliance roles, and only 31% had open technical privacy roles, respondents expected that privacy professionals would be in much greater demand in 2022, with 67% anticipating a need for legal and compliance pros, and 72% anticipating a need for technical privacy pros.

“People are an essential component of any privacy program, both the privacy professionals driving the work forward and employees across the enterprise who follow good data privacy practices,” said Safia Kazi, privacy professional practice advisor at ISACA.

“Enterprises need to sufficiently invest in their privacy programmes and teams, not only to retain privacy staff and upskill talent to fill open roles, but to also prioritise privacy training efforts to ensure all employees are supporting privacy initiatives.”

When seeking privacy pros, respondents highlighted compliance and legal experience, prior experience in a privacy role, and technical experience as the key requisites, but they also reported that many candidates lacked these skills.

As a result of this, less than half of respondents said they were very or completely confident in their privacy team’s ability to ensure the organisation’s data protection practice was effective and compliant with national and international laws and standards.

In particular, survey respondents said their organisations had struggled with data incidents occasioned by failure to account for privacy-by-design in apps and services (63%), a lack of training (59%), and bad or non-existent detection of personal data (47%).

“Privacy professionals are vital in driving transparency and accountability across their organisations, and that has never been more important, as more consumers, employees and investors dictate the success of organisations that they do, or don’t, trust,” said Alex Bermudez, privacy manager at OneTrust, which sponsored the ISACA study.

“The role of the privacy professional continues to evolve, with many now taking their organisations on a journey from compliance to building trust as a competitive advantage: helping to make companies stand out based on the values they hold and the commitments they fulfil,” said Bermudez.

“Continuing to monitor the changes in resources, board-level sponsorship, and the positive trajectory of privacy at-large form an important part of a privacy professional’s value, and impact on an organisation.”

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.