Published on Mar 31, 2021
As the world begins to look beyond the coronavirus pandemic, the inevitable changes in society are beginning to emerge. We will always talk about life before and after COVID-19. One of the most visible changes that may become permanent (for many organisations) is the shift to remote working.
This development means IT and information security professionals have had to adapt to ensure systems are available and protected while many employees work from home. However, it is not only home working that is driving this new focus on privacy.
According to a new data privacy report from Cisco, a US technology company, based in California, specialising in networking products, 34% of security operations are increasingly looking to include data privacy as a core responsibility and competency.
Whether the goal is to improve communication between privacy and security departments or ensure the existence of well-rounded incident response teams, IT and information security professionals are keen to know more about the correlation between data security and privacy management.
Many privacy management functions play an essential role in mitigating the risk of an information security breach. Because of this, certified training on the general data protection regulation (GDPR) for security professionals covering privacy-by-design, data minimisation, and pseudonymisation and encryption has become increasingly commonplace amongst IT/infosecurity teams.
Other key findings of the report include:
Investing in reliable privacy protection infrastructure, expertise, and training on GDPR for security professionals does not merely benefit consumers. The Cisco study shows that 75% of organisations recognise that privacy protection can:
Based on estimates given by respondents, the overall value of these benefits was, on average, $2.9m (£2.08m).
The study showed 93% of organisations turned to their privacy teams to help navigate potentially controversial decisions during the pandemic. Cisco stated:
The pandemic has accelerated changes in our society, such as mass home working and using personal data for monitoring public health. These changes have always been on the horizon; the coronavirus pandemic simply sped up their GDPR implementation. In turn, this has led to data protection expertise, becoming a vitally important part of IT and information security professionals’ work.
Among security teams, over a third of professionals who responded to the survey, said data privacy was one of their top areas of responsibility, along with assessing and managing risk and responding to threats. Furthermore, the fact that Cisco's study revealed privacy metrics are being sent to the boards for 90% of the organisations who took part highlights its importance.
Privacy protection and being able to ensure compliance with the GDPR is a highly specialised area. The Cisco study concluded that:
Privacy is not simply a compliance issue; it is a fundamental human right. A right that is being challenged more and more by technological advances.
Investing in privacy training on GDPR for security professionals, streamlining vendor due diligence, improving data processing transparency, and obtaining external privacy certifications ensure that an organisation seriously considers privacy during all business activities.
In today's world, where no one can be certain how much the government and big tech know about their private life, organisations that respect privacy will gain a significant competitive advantage.
COVID-19: FLEXIBLE, LIVE ONLINE BCS & IAPP TRAINING NOW AVAILABLE - PLEASE CONTACT FOR DETAILS