随着本周数据隐私日的临近, ISACA’s 私隐实务2022 survey report finds that technical privacy roles are more understaffed than last year. 如今的隐私领域喜忧参半. While organizations are starting to prioritize privacy and raise budgets, 技术隐私技能的差距正在扩大, 技术隐私职位仍然空缺. Find out what more than 800 organizations had to say about the current and future state of privacy in our 2022 report.
Schaumburg, IL, USA—在1月28日的数据隐私日之前, new research from ISACA explores the latest trends in enterprise privacy—from privacy workforce and privacy by design to privacy challenges and the future of privacy—in its new 私隐实务2022 调查报告,由OneTrust赞助.
The report, which examines responses from the global ISACA State of Privacy survey conducted in the third quarter of 2021, highlights the persistent understaffing that is impacting enterprise privacy teams. Respondents indicate that both legal/compliance (46 percent of respondents) and technical privacy roles (55 percent of respondents) at enterprises are understaffed, 自去年以来,这个问题只会恶化. Forty-one percent also report that the biggest challenge in forming a privacy program is a lack of competent resources.
However, 只有25%的人表示他们有公开的隐私法律/合规角色, 31%的人表示他们有公开的技术隐私角色. Respondents also largely expect that privacy professionals will only become more in-demand, with 63 percent anticipating increased demand for legal/compliance roles and 72 percent expecting more demand for technical privacy roles.
寻找专业人士来填补这些角色, respondents indicate they are looking for three key things: compliance/legal experience (62 percent), prior hands-on experience in a privacy role (56 percent) and technical experience (48 percent). A university degree is not necessarily a prerequisite—29 percent of respondents say that it is not an important factor when evaluating a candidate. However, respondents indicate that candidates do not always have the skills required for these roles, 列举这些常见的技能差距:
- 具有不同技术和/或应用程序的经验(64%)
- Understanding the laws and regulations to which an enterprise is subject (50 percent)
有使用框架和/或控件的经验(50%) - 缺乏技术经验(46%)
“人是任何隐私保护项目的重要组成部分, both the privacy professionals driving the work forward and employees across the enterprise who follow good data privacy practices,” says Safia Kazi, ISACA隐私专业实践顾问. “Enterprises need to sufficiently invest in their privacy programs and teams, 这不仅是为了留住隐私员工,也是为了提升人才的技能以填补空缺职位, but to also prioritize privacy training efforts to ensure all employees are supporting privacy initiatives.”
尽管存在人员配备和技能差距等问题, 41 percent of respondents report they are very confident or completely confident in the ability of their privacy team to ensure data privacy and achieve compliance with new privacy laws and regulations. One in 10 respondents’ enterprises have experienced a material privacy breach in the last 12 months, 与去年的结果一致.
When exploring the main types of privacy failures that enterprises experience, 受访者指出以下是最常见的:
- 没有在应用程序或服务中设计隐私(63%)
- 缺乏培训(59%)
- 个人信息检测不良或根本不存在(47%)
当涉及到澳门赌场官方下载的隐私培训时, most (71 percent) respondents perceive privacy training to have a positive impact. However, the survey finds that many may approach it as a “check the box” exercise, with nearly 70 percent indicating that they evaluate the success of a privacy training program by looking at the number of employees who complete the training rather than measuring the efficacy of the training.
进一步保护自己, many enterprises implement additional privacy controls in addition to what they are legally required to do, 包括加密(76%), identity and access management (74 percent) and data security (71 percent).
“Privacy professionals are vital in driving transparency and accountability across their organizations, 这一点从未如此重要, as more consumers, employees and investors dictate the success of organizations that they do, or don’t, trust,” notes Alex Bermudez, OneTrust隐私管理器. “隐私专家的角色在不断演变, with many now taking their organizations on a journey from compliance to building trust as a competitive advantage: helping to make companies stand out based on the values they hold and the commitments they fulfil. 继续监测资源的变化, 董事会层面的赞助, and the positive trajectory of privacy at-large form an important part of a privacy professional’s value, 以及对组织的影响。”
调查报告将在免费的网络研讨会上进行深入讨论, 《澳门赌场官方下载》,1月27日中午12时.m. EST. Register for the event—which offers one free CPE credit for ISACA certifications—at http://store.healthydairyland.com/s/community-event?id=a334w000004cmroAAA. Afterwards, the webinar will also be available to access online for free for an additional year.
赠送的副本 私隐实务2022 survey report and additional privacy resources and articles can be accessed at 7d1quzs.healthydairyland.com/dataprivacy. 关于ISACA隐私资源的其他信息, including the Certified Data Privacy Solutions Engineer™ (CDPSE™) certification, is available at 7d1quzs.healthydairyland.com/cdpse. ISACA also hosts a 隐私组在其参与在线论坛 讨论主题并分享最佳实践.
About ISACA
50多年来,ISACA® (7d1quzs.healthydairyland.com)汇集了最优秀的人才、专业知识和技术知识. ISACA为个人提供知识, credentials, education and community to progress their careers and transform their organizations, 并使澳门赌场官方下载能够培养和建设高素质的团队. ISACA is a global professional association and learning organization that leverages the expertise of its more than 150,000名从事信息安全工作的澳门赌场官方软件, governance, assurance, 风险和隐私通过技术推动创新. It has a presence in 188 countries, including more than 220 chapters worldwide. In 2020, ISACA发起了One In Tech, a philanthropic foundation that supports IT education and career pathways for under-resourced, 弱势群体.
Twitter: www.twitter.com/ISACANews
LinkedIn: www.linkedin.com/company/isaca
Facebook: www.facebook.com/ISACAGlobal
Instagram: www.instagram.com/isacanews
About OneTrust
OneTrust is the category-defining enterprise platform to operationalize trust. More than 10,000 customers, 包括一半的财富全球500强澳门赌场官方下载, 使用OneTrust让信任成为差异化的竞争优势, 实现跨隐私的中心敏捷工作流, security, data governance, GRC, third-party risk, ethics and compliance, and ESG programs.
The OneTrust platform is backed by 200 patents and powered by the OneTrust Athena™ AI. 我们的产品包括OneTrust隐私, OneTrust DataDiscovery™, OneTrust DataGovernance™, OneTrust Vendorpedia™, OneTrust GRC, OneTrust Ethics, OneTrust PreferenceChoice™, OneTrust ESG, 和OneTrust数据指导™.
Media Contacts
Emily Van Camp, +1.847.385.7223, communications@healthydairyland.com
Kristen Kessinger, +1.847.660.5554, communications@healthydairyland.com
