Major skills gap remains across privacy landscape

Article Banner

According to an annual survey, there is still a major privacy skills gap despite the increased staffing of privacy professionals and boards prioritising privacy issues.

The global survey, which included approximately 1,890 working professionals holding cybersecurity or privacy solutions certifications from a range of industries and locations worldwide, revealed that although privacy staffing overall saw a slight increase in median from the previous year, a privacy skills gap remains in many areas.

The survey shows that while hiring privacy professionals is a time-consuming process, the main issue causing the privacy skills gap is the strong preference for experienced candidates, which creates a shortage of senior-level privacy experts.

To stay updated on the latest data protection jobs and sign up for courses, please visit There are also “Spotlight On” success stories and more Data Protection Careers features on the DPEX Network blog.

Direct experience ‘very important’

Over 50% of respondents say that direct experience in the role is “very important,” while only 40% view credentials as “very important” and 26% put the same weight on a university degree.

The privacy skills gap is exacerbated by the lack of experience with frameworks and controls, understanding of relevant laws and regulations, technical expertise, and lack of direct experience with applications or technologies.

Organisations are addressing the privacy skills gap by offering internal cross-training opportunities for non-privacy staff, stepping up the use of outside consultants or temporary contract employees, and looking to automation or artificial intelligence to take on some of the workload.

Moreover, the survey revealed that despite an increase in funding, only 36% of respondents believe privacy programmes are adequately funded, while 42% say it is “somewhat” or “significantly” underfunded. In addition, getting executive or business support remains an obstacle for 39% of respondents, and 38% still grapple with lack of visibility in the organisation.

Start your career in data protection by taking our 1-day PDPA crash course (Singapore) / our Data Protection Officer Program (DPO ACE, Philippines), or check out our learning roadmap.

Top roles sought for privacy leads

Organisations are overwhelmingly looking for an experienced security or IT executive to be responsible for privacy.

The top four picks for this role were a dedicated chief privacy officer, a chief information officer, an executive-level chief information security officer, and a chief executive officer.

Furthermore, the survey revealed that privacy professionals from different teams are not interfacing particularly often, and organisation-wide training is still not frequent despite the rise in cyber attacks in recent years.

However, only 5% reported more breaches than in the previous year, though over half either refused to answer the question or did not know.

Finally, in response to whether AI is expected to take on some of the workload left unaddressed by the privacy skills gap,

Already a member?  
Unlock these benefits

Get access to news, enforcement cases, events, and actionable tips and guides


Get regular email updates and offers


Job opportunities, mentorship and career guidance


Exclusive access to Data Protection community - ask questions, network and share knowledge with peers and experts via WhatsApp and Linkedin

Related Articles