Major skills gap remains across privacy landscape

According to an annual survey, there is still a major privacy skills gap despite the increased staffing of privacy professionals and boards prioritising privacy issues.

The global survey, which included approximately 1,890 working professionals holding cybersecurity or privacy solutions certifications from a range of industries and locations worldwide, revealed that although privacy staffing overall saw a slight increase in median from the previous year, a privacy skills gap remains in many areas.

The survey shows that while hiring privacy professionals is a time-consuming process, the main issue causing the privacy skills gap is the strong preference for experienced candidates, which creates a shortage of senior-level privacy experts.

To stay updated on the latest data protection jobs and sign up for courses, please visit dpexnetwork.org. There are also “Spotlight On” success stories and more Data Protection Careers features on the DPEX Network blog.

Direct experience ‘very important’

Over 50% of respondents say that direct experience in the role is “very important,” while only 40% view credentials as “very important” and 26% put the same weight on a university degree.

The privacy skills gap is exacerbated by the lack of experience with frameworks and controls, understanding of relevant laws and regulations, technical expertise, and lack of direct experience with applications or technologies.

Organisations are addressing the privacy skills gap by offering internal cross-training opportunities for non-privacy staff, stepping up the use of outside consultants or temporary contract employees, and looking to automation or artificial intelligence to take on some of the workload.

Moreover, the survey revealed that despite an increase in funding, only 36% of respondents believe privacy programmes are adequately funded, while 42% say it is “somewhat” or “significantly” underfunded. In addition, getting executive or business support remains an obstacle for 39% of respondents, and 38% still grapple with lack of visibility in the organisation.

Start your career in data protection by taking our 1-day PDPA crash course (Singapore) / our Data Protection Officer Program (DPO ACE, Philippines), or check out our learning roadmap.

Top roles sought for privacy leads

Organisations are overwhelmingly looking for an experienced security or IT executive to be responsible for privacy.

The top four picks for this role were a dedicated chief privacy officer, a chief information officer, an executive-level chief information security officer, and a chief executive officer.

Furthermore, the survey revealed that privacy professionals from different teams are not interfacing particularly often, and organisation-wide training is still not frequent despite the rise in cyber attacks in recent years.

However, only 5% reported more breaches than in the previous year, though over half either refused to answer the question or did not know.

Finally, in response to whether AI is expected to take on some of the workload left unaddressed by the privacy skills gap, 69% of respondents either say that they have no specific plans or are unaware. Only 11% are currently using AI, and 20% have plans in place to adopt or continue using AI in the next 12 months.

For queries on the courses most suited for your career, contact us or email courses@straitsinteractive.com to get your questions answered.

Focus on potential

So the survey paints a pessimistic picture of the ability to secure sensitive data, despite organisations having the intent to reinforce various departments, with a major privacy skills gap remaining as the labour market is unable to keep up with demand, and budgets are often insufficient for top-talent recruitment.

The findings suggest that organisations need to change their approach and focus on candidates’ potential rather than specific experience and technical privacy skills to close the privacy skills gap in the long run.

Additionally, organisations should prioritise executive and business support, provide adequate funding for privacy programs, and ensure that all staff receive regular privacy training to stay ahead of cyber threats.

Here on DPEX Network, we curate data protection jobs from Singapore, the Philippines and the region on a weekly basis. Please sign up for a free DPEX Network membership to get updated on the latest career trends and competency roadmaps for you to embark on a new career or upskill as a data privacy professional.