Professional Documents
Culture Documents
The State of Privacy 2023
The State of Privacy 2023
2
2
PLATFORM INFORMATION & QUICK TIPS
• Use the HELP icon at the bottom for FAQ’s and system requirements.
3
CPE CREDIT PROCESS
LIVE EVENT & ON DEMAND RECORDING
• You must view the live or recorded webinar for the required amount of time
(50-minutes). Check the CPE Credit window to view the timer.
• Your CPE Certificate will automatically appear in the ISACA CPE RECORDS
tab on the MyISACA page after completing the required viewing time.
• Please be patient. This process could take up to 48 hours for your CPE Certificate
and the CPE credit to be applied to your account.
• As a reminder, ALL ISACA webinars, the CPE credits and CPE certificates expire
365 DAYS POST LIVE EVENT. Please make sure you save the appropriate
documents to your personal records.
4
TODAY’S SPEAKERS
5
AGENDA
Learning objectives:
- Understand the state of privacy staffing
and strategies taken to address skill gaps
- Explore privacy budgets and privacy
program trends
- Explain the role of privacy awareness
training
- Examine the impact of privacy laws and
regulation
- Describe trends in enterprises that practice
6 privacy by design
PRIVACY IN THE HEADLINES
7
PRIVACY HEADLINES
8
SURVEY METHODOLOGY AND
RESPONDENT DEMOGRAPHICS
9
DEMOGRAPHICS
10
DEMOGRAPHICS
11
PRIVACY STAFFING
12
PRIVACY STAFFING TRENDS
13
UNDERSTAFFING
14
TIME TO FILL OPEN PRIVACY POSITIONS
15
FACTORS TO DETERMINE CANDIDATE’S QUALIFICATIONS
16
EXPERIENCE/SKILL DEFICITS
- Lack of experience with different types of
technologies and/or applications (63 percent)
17
PRIVACY BUDGETS
PRIVACY FUNDING
Do not know
14%
Significantly or
somewhat overfunded
7% Somewhat or
significantly
underfunded
43%
Appropriately funded
36%
18
PRIVACY PROGRAM TRENDS
19
ACCOUNTABILITY FOR PRIVACY
20
OBSTACLES TO FORMING A PRIVACY PROGRAM
21
PRIVACY’S INTERACTION WITH OTHER Frequency of meetings
AREAS between technical and
legal/compliance privacy
Departments privacy teams interact with:
professionals
- Information security (32 percent)
22
BOARDS OF DIRECTORS AND PRIVACY
3%
20%
55%
22%
23
MONITORING PRIVACY PROGRAMS
24
PRIVACY AWARENESS TRAINING
25
PRIVACY AWARENESS TRAINING
26
EVALUATING PRIVACY AWARENESS TRAINING
27
PRIVACY FRAMEWORKS, LAWS
AND REGULATIONS
28
FRAMEWORKS USED TO MANAGE PRIVACY
29
DATA-SUBJECT REQUESTS
30
PRIVACY BREACHES AND
FAILURES
31
COMMON PRIVACY FAILURES
32
PRIVACY BREACHES
9% 11%
17%
63%
33
PRIVACY BY DESIGN TRENDS
34
PRACTICING PRIVACY BY DESIGN
42 percent of
respondents identified
not practicing privacy by
design as a common
privacy failure
35
TRENDS AMONG ENTERPRISES THAT ALWAYS PRACTICE
PRIVACY BY DESIGN
36
THE FUTURE OF PRIVACY
37
DEMAND FOR PRIVACY PROFESSIONALS
7%1%
2%
9% 2%
2%
21%
24%
63% 69%
38
LIKELIHOOD OF EXPERIENCING A MATERIAL PRIVACY
BREACH IN THE NEXT YEAR
39
PLANS TO USE AI FOR PRIVACY FUNCTIONS
40
QUESTIONS?
41
This training content (“content”) is provided to you without warranty, “as is” and “with
all faults”. ISACA makes no representations or warranties express or implied, including
those of merchantability, fitness for a particular purpose or performance, and non-
infringement, all of which are hereby expressly disclaimed.
You assume the entire risk for the use of the content and acknowledge that: ISACA
has designed the content primarily as an educational resource for IT professionals and
therefore the content should not be deemed either to set forth all appropriate
procedures, tests, or controls or to suggest that other procedures, tests, or controls
that are not included may not be appropriate; ISACA does not claim that use of the
content will assure a successful outcome and you are responsible for applying
professional judgement to the specific circumstances presented to determining the
appropriate procedures, tests, or controls.
Copyright © 2022 by the Information Systems Audit and Control Association, Inc. (ISACA). All rights reserved. This webinar may not be used, copied, reproduced,
modified, distributed, displayed, stored in a retrieval system, or transmitted in any form by any means (electronic, mechanical, photocopying, recording or otherwise).
42
THANK YOU FOR ATTENDING