Privacy by Design
Enterprises that report they always use privacy by design are more likely to be driven by a combination of compliance and ethics (62 percent vs. 52 percent total). They are also nearly two-and-a-half times more likely to be completely confident in their privacy team’s ability to ensure data privacy and achieve compliance with new privacy laws and regulations (24 percent vs. 10 percent total). However, there was not a meaningful difference in the number of privacy breaches they experienced in the last 12 months compared to all respondents. Approximately 10 percent of both groups reported breaches—a potentially underreported number.
Privacy Obstacles
Respondents identified other common privacy failures, including:
- Lack of training or poor training (64 percent)
- Failure to perform a risk analysis (53 percent)
- Bad or nonexistent detection of personal information (50 percent)
Respondents cited privacy principles frameworks, experience-based credentials and privacy training as the most helpful methods in overcoming these obstacles.
Workforce Trends
Respondents indicated that they foresee an increased demand for technical privacy roles compared to legal/compliance roles (70 percent increase vs. 59 percent increase). However, technical privacy roles were more likely to be considered understaffed (46 percent vs. 33 percent).
Nevertheless, hiring managers have been filling these roles through training—47 percent noted they have been training non-privacy staff interested in moving into privacy roles. Ninety-two percent of respondents indicated that they have privacy staff who started their career in IT or security and moved into privacy and compliance.
“Organizations will continue needing a strong privacy workforce in the years ahead,” says Nader Qaimari, ISACA chief product officer. “As non-privacy professionals increasingly get opportunities to train for this career path and gain technical skills, it not only eases the privacy skills gap but enriches this workforce.”
The complimentary webinar, “Exploring Privacy Trends, Challenges & Predictions,” on 28 January 2021 at 12:00 PM EST / 5:00 PM (UTC) will explore the survey highlights. To learn more, visit www.isaca.org/education/online-events/lms_w012821.
Access the Privacy in Practice 2021 survey report at www.isaca.org/privacy-in-practice-2021. Learn more about ISACA’s privacy resources, including the Certified Data Privacy Solutions Engineer™ (CDPSE™) certification, at www.isaca.org/cdpse.
About ISACA
For more than 50 years, ISACA® (www.isaca.org) has equipped individuals with knowledge, credentials, education and community to progress their careers and transform their organizations, and enables enterprises to train and build quality teams. ISACA leverages the expertise of more than 150,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. Its presence in 188 countries includes more than 220 chapters.