The Infotel team is back from the recent International Association of Privacy Professionals (IAPP) Global Privacy Summit, and we have had some time to reflect on what we learned from exhibiting and networking at this year’s event. First off, congratulations to the IAPP team! This year’s summit was the association’s largest-ever event, attracting an estimated crowd of around 5,500 attendees, and the impressive turn-out indicates data privacy’s growing importance in today’s organizations, both public and private.
We had some excellent conversations at the conference, and we wanted to sum up some of our key takeaways from the event.
Urgent Need for Education
Once a specialty tasked to privacy professionals in an organization, data privacy, and security now requires an all-hands-on-deck approach. Year after year, we see that human error (or deliberate malintent) is the number one cause of data breaches across the globe. Verizon’s 2022 Data Breach Investigations Report found that 82% of breaches involved the human element – whether through stolen credentials, phishing, misuse, and/or errors. The best software in the world can’t account for the people in your organization making risky decisions, knowingly or not.
If the IAPP summit was an accurate reflection of the industry, the privacy professionals are an incredibly bright and competent group. And yet, despite this talent, the risk of data breach or privacy violations grows every year.
It can no longer fall to a few people in an organization to keep every piece of data safe. Risk is everywhere, and it’s on us to create a culture of educated workforces, even and especially outside of dedicated InfoSec teams.
It’s crucial that those of us with the knowledge make data privacy and security education accessible and easily digestible to assure the widest reach and continued success. And it’s not going to be consultants, (and their accompanying exorbitant fees) to do the bulk of this leg work. There is a clear demand for easily accessible webinars or podcasts and events like IAPP that offer practical guidance on creating and implementing privacy policies. Additionally, the technology organizations use to maintain data security and privacy compliance must also be easily accessible and intuitive for all users for the widest-reaching success. User-friendly platforms like Infotel’s Arvitam™ and deepeo™ are highly functional and built around existing data governance and privacy professionals’ workflows so organizations can easily leverage this tech to help monitor and maintain compliance.
Legal Teams Now Leading the Charge Navigating the Privacy Policy Challenge
One striking observation made at the IAPP event was the significant presence of attorneys (not IT professionals) tasked with enterprise-wide privacy policy creation and enforcement. With privacy policy formulation becoming a crucial task for organizations, Chief Legal Officers (CLOs) and attorneys are increasingly tasked with leading these efforts. However, many of them expressed a need for guidance on how to navigate this complex landscape and implement privacy policies effectively. They had workflow questions. They had technology questions. They were yearning to soak up knowledge of the tools and methodologies out there to help with this unforeseen initiative. We expected to speak to the tech faction about solutions. The pleasant surprise was more legal representation from large organizations taking the lead on these compliance initiatives.
Where we used to see silos in how Business and IT work to solve security compliance and data governance, we are now seeing Business (specifically Legal) close this gap and work with IT to better manage data and IP. This is a testament to the importance boards of directors and business leaders are placing on security compliance and privacy.
Privacy Policy Creating a Paradigm Shift:
The IAPP event reflected the increasing importance of privacy concerns in the business landscape. The fact that there were exponentially more attorneys than IT professionals present at the event highlights the shift in organizational priorities. CxOs are recognizing the urgency of privacy policy development but often lack the necessary expertise to take the lead. Consequently, they turn to their legal teams for guidance and solutions. This paradigm shift opens up opportunities for technology providers like Infotel to offer comprehensive privacy management solutions that cater to the needs of legal professionals and provide the necessary tools for effective policy implementation. But Infotel does not create these tools in a vacuum. We listen to customers’ concerns, understanding how they work and what they are up against daily in their jobs. Then with this knowledge and understanding, we build solutions that are aligned with their workflows and the industry standards they must adhere to that keep their organizations out of hot water.
It was an eye-opening, encouraging week in Philadelphia, and we’re looking forward to continuing these conversations with our colleagues in the industry. To learn more about Infotel’s suite of data governance solutions visit https://insoft-infotel.com/enterprise-info-management/.