- The 25+ best Black Friday Nintendo Switch deals 2024
- Why there could be a new AI chatbot champ by the time you read this
- The 70+ best Black Friday TV deals 2024: Save up to $2,000
- This AI image generator that went viral for its realistic images gets a major upgrade
- One of the best cheap Android phones I've tested is not a Motorola or Samsung
Lack of Understanding, Underfunding Threaten Data Privacy & Compliance
A lack of understanding combined with budgetary squeezes are significant obstacles for organization’s navigating data privacy and compliance with data protection laws, according to industry body ISACA.
In The State of Data Privacy in 2024 report, ISACA found that over half (57%) of cyber professionals are not confident in their organization’s privacy team’s ability to ensure data privacy and achieve compliance with new privacy laws and regulations.
One reason for this is that two-thirds of professionals (66%) simply do not understand the privacy regulations their organization needs to comply with.
The poor training or complete lack of was also cited as a common reason for privacy failures, followed by a lack of privacy by design implementation and data breaches.
Of the 1300 respondents to ISACA’s study, 43% highlighted budgetary challenges, stating their privacy budget is underfunded. Over half of professionals expect this budget to be further reduced in 2024.
In practice, these issues mean that IT professionals face numerous challenges when deploying data privacy programs. The most mentioned obstacles include:
- A lack of competent resources (41%)
- A lack of clarity on the mandate, roles and responsibilities (39%)
- A lack of executive or business support (37%)
- A lack of visibility and influence within the organization (37%)
In-House Training and Privacy Consultants on the Rise
ISACA’s study also found that the demand for data privacy roles will likely soar in 2024, with 62% of respondents saying they observe an increased demand for technical privacy roles and 55% anticipating a further need for legal and compliance roles in the near future.
Although previous legal or compliance experience is a critical factor for recruiting privacy specialists for 61% of respondents, the prime skill is the knowledge of different types of technologies and/or applications, which 63% said was fundamental.
However, ISACA found that recruitment is not the only way of filling the data privacy skills gap. Instead, half of the respondents (50%) said they prioritized training non-privacy staff interested in moving into privacy roles.
Over one-third (39%) predicted there will be an increased use of contract employees or outside consultants to work on privacy programs.